5071 matches found
CVE-2025-39245
There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow an attacker to inject executable commands via malicious CSV data...
CVE-2025-54029
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in extendons WooCommerce csv import export extendons-eo-wooimport-export allows Path Traversal.This issue affects WooCommerce csv import export: from n/a through = 2.0.6...
CVE-2025-54029
CVE-2025-54029 affects the WordPress plugin WooCommerce csv import export (versions up to 2.0.6). The issue is an improper limitation of a pathname to a restricted directory (path traversal), enabling traversal to arbitrary files. Some sources also describe an Arbitrary File Deletion impact. Reme...
CVE-2025-54029 WordPress WooCommerce csv import export Plugin <= 2.0.6 - Arbitrary File Deletion Vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in extendons WooCommerce csv import export extendons-eo-wooimport-export allows Path Traversal.This issue affects WooCommerce csv import export: from n/a through = 2.0.6...
WordPress plugin WooCommerce csv import export 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
Linux Distros Unpatched Vulnerability : CVE-2020-36308
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discover the subject of a non-visible issue by performing a CSV export and reading time entries...
Linux Distros Unpatched Vulnerability : CVE-2018-13421
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Fast C++ CSV Parser aka fast-cpp-csv-parser before 2018-07-06 has a heap-based buffer over-read in io::trimchars in csv.h. CVE-2018-13421 Note that Nessus relie...
CVE-2025-55745 UnoPim Quick Export feature is vulnerable to CSV injection
UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Versions 0.3.0 and prior are vulnerable to CSV injection, also known as formula injection, in the Quick Export feature. This vulnerability allows attackers to inject malicious content into exported...
UnoPim 安全漏洞
UnoPim is an open source Product Information Management PIM system based on the Laravel framework by UnoPim Open Source. A security vulnerability exists in UnoPim 0.3.0 and earlier versions, which stems from CSV injection and could lead to remote code execution...
CVE-2025-9241
A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited...
ELADMIN 安全漏洞
ELADMIN is a backend management system for elunez personal developers. A security vulnerability exists in ELADMIN 2.7 and earlier versions, which stems from the exportUser function not escaping and filtering exported CSV content, which allows remote attackers to inject malicious CSV loads...
Exploit for CVE-2025-9216
StoreEngine – Powerful WordPress eCommerce Plugin for Payments...
Linux Distros Unpatched Vulnerability : CVE-2018-11652
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header,...
Malicious code in covid19_nagano_csv_to_json (npm)
The package covid19naganocsvtojson was found to contain malicious code...
MAL-2025-17804 Malicious code in csv-mineralogy-pm2-transform (npm)
The package csv-mineralogy-pm2-transform was found to contain malicious code...
Malicious code in public-csv-carpo-cygnus (npm)
The package public-csv-carpo-cygnus was found to contain malicious code...
Malicious code in csv-uglify-js-protractor-grus (npm)
The package csv-uglify-js-protractor-grus was found to contain malicious code...
Malicious code in csv-hermes-cryonics-solis (npm)
The package csv-hermes-cryonics-solis was found to contain malicious code...
Malicious code in csv-cosmicray-mui-spica (npm)
The package csv-cosmicray-mui-spica was found to contain malicious code...
Malicious code in csv-module-mocha-lyra (npm)
The package csv-module-mocha-lyra was found to contain malicious code...