5078 matches found

Vulnrichment
added 2025/02/20 12:0 a.m., 8 views

CVE-2023-51320

PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV...

5.6 AI score, 0.00477 EPSS
Exploits 2, References 2

NVD
added 2025/02/19 9:15 p.m., 10 views

CVE-2023-51302

PHPJabbers Hotel Booking System v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file...

8.8 CVSS, 0.00556 EPSS
Exploits 2, References 2

NVD
added 2025/02/19 8:15 p.m., 11 views

CVE-2023-51298

PHPJabbers Event Booking Calendar v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file...

4.7 CVSS, 0.0037 EPSS
Exploits 2, References 2

Vulnrichment
added 2025/02/19 12:0 a.m., 9 views

CVE-2023-51298

PHPJabbers Event Booking Calendar v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file...

5.2 AI score, 0.0037 EPSS
Exploits 2, References 2

CVE
added 2025/02/19 12:0 a.m., 43 views

CVE-2023-51298

PHPJabbers Event Booking Calendar v4.0 is vulnerable to CSV Injection due to insufficient input validation on the Languages section Labels field in System Options used to construct CSV files, potentially enabling remote code execution via crafted CSV payloads. Public writeups (e.g., PacketStorm) ...

4.7 CVSS, 7.1 AI score, 0.0037 EPSS
Exploits 2, References 2, Affected Software 1

Cvelist
added 2025/02/19 12:0 a.m., 17 views

CVE-2023-51298

PHPJabbers Event Booking Calendar v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file...

0.0037 EPSS
Exploits 2, References 2

Vulnrichment
added 2025/02/19 12:0 a.m., 9 views

CVE-2023-51302

PHPJabbers Hotel Booking System v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file...

8.8 AI score, 0.00556 EPSS
Exploits 2, References 2

Cvelist
added 2025/02/19 12:0 a.m., 12 views

CVE-2023-51302

PHPJabbers Hotel Booking System v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file...

0.00556 EPSS
Exploits 2, References 2

CVE
added 2025/02/19 12:0 a.m., 48 views

CVE-2023-51302

PHPJabbers Hotel Booking System v4.0 is vulnerable to a CSV Injection flaw. The root cause is insufficient input validation on the Languages/Labels parameters used to construct CSV files, specifically in the Reservations list (Unique ID field). This can allow an attacker to execute remote code vi...

8.8 CVSS, 7.1 AI score, 0.00556 EPSS
Exploits 2, References 2, Affected Software 1

RedhatCVE
added 2025/02/14 9:9 a.m., 15 views

CVE-2024-34448

Ghost before 5.82.0 allows CSV Injection during a member CSV export...

8.8 CVSS, 7.1 AI score, 0.00723 EPSS
Exploits 2, References 1

RedhatCVE
added 2025/02/13 9:3 p.m., 24 views

CVE-2023-5122

Grafana is an open-source platform for monitoring and observability. The CSV datasource plugin is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing CSV data from a remote endpoint configured by an administrator. If this plugin was configured to send requests t...

5.3 CVSS, 6.7 AI score, 0.00509 EPSS
Exploits 0, References 4

RedhatCVE
added 2025/02/08 4:39 a.m., 8 views

CVE-2025-22978

eladmin =2.7 is vulnerable to CSV Injection in the exception log download module...

9.8 CVSS, 7.1 AI score, 0.00515 EPSS
Exploits 1, References 1

RedhatCVE
added 2025/02/06 4:44 a.m., 10 views

CVE-2021-37702

Pimcore is an open source data & experience management platform. Prior to version 10.1.1, Data Object CSV import allows formula injection. The problem is patched in 10.1.1. Aside from upgrading, one may apply the patch manually as a workaround...

8.8 CVSS, 6.9 AI score, 0.0106 EPSS
Exploits 0, References 1

RedhatCVE
added 2025/02/05 9:44 p.m., 13 views

CVE-2022-24770

gradio is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, gradio suffers from Improper Neutralization of Formula Elements in a CSV File. The gradio library has a flagging functionality which saves input/output data into a CSV file on t...

8.8 CVSS, 7 AI score, 0.01248 EPSS
Exploits 0, References 1

RedhatCVE
added 2025/02/05 9:23 p.m., 6 views

CVE-2022-2027

Improper Neutralization of Formula Elements in a CSV File in GitHub repository kromitgmbh/titra prior to 0.77.0...

8 CVSS, 6.7 AI score, 0.01124 EPSS
Exploits 1, References 1

RedhatCVE
added 2025/02/05 9:18 p.m., 6 views

CVE-2022-2112

Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2...

9 CVSS, 6.6 AI score, 0.01181 EPSS
Exploits 1, References 1

RedhatCVE
added 2025/02/05 2:51 p.m., 9 views

CVE-2020-15255

In Anuko Time Tracker before version 1.19.23.5325, due to not properly filtered user input, a CSV export of a report could contain cells that are treated as formulas by spreadsheet software, for example when a cell value starts with an equal sign. This is fixed in version 1.19.23.5325...

8.7 CVSS, 6.5 AI score, 0.03462 EPSS
Exploits 3

RedhatCVE
added 2025/02/05 2:35 p.m., 9 views

CVE-2020-24898

The Table Filter and Charts for Confluence Server app before 5.3.26 for Atlassian Confluence allows SSRF via the "Table from CSV" macro URL parameter...

7.6 CVSS, 6.9 AI score, 0.00665 EPSS
Exploits 0

RedhatCVE
added 2025/02/05 12:22 p.m., 10 views

CVE-2024-52372

Unrestricted Upload of File with Dangerous Type vulnerability in WebTechGlobal Easy CSV Importer BETA easy-csv-importer allows Upload a Web Shell to a Web Server. This issue affects Easy CSV Importer BETA: from n/a through = 7.0.0...

10 CVSS, 7.2 AI score, 0.00496 EPSS
Exploits 0, References 1

RedhatCVE
added 2025/02/05 12:18 p.m., 9 views

CVE-2024-52406

Unrestricted Upload of File with Dangerous Type vulnerability in wibergsweb CSV to html csv-to-html allows Upload a Web Shell to a Web Server. This issue affects CSV to html: from n/a through = 3.26...

9.9 CVSS, 7.2 AI score, 0.00478 EPSS
Exploits 0, References 1