5078 matches found
WordPress Contact Form Plugin < 4.3.13 CSV Injection Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:fluentforms:contactform"; ifdescription...
CVE-2023-31295
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the User Profile field...
CVE-2023-31295
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the User Profile field...
CVE-2023-31295
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the User Profile field...
Input validation
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the User Profile field...
CVE-2023-31296
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows attackers to obtain sensitive information via the User Name field...
CVE-2023-31296
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows attackers to obtain sensitive information via the User Name field...
Input validation
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows attackers to obtain sensitive information via the User Name field...
CVE-2023-31294
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the Delivery Name field...
CVE-2023-31294
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the Delivery Name field...
Input validation
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the Delivery Name field...
CVE-2023-31295
CVE-2023-31295 affects Sesami CPTO (Cash Point & Transport Optimizer) version 6.3.8.6. The issue is a CSV Injection in the User Profile field that allows a remote attacker to obtain sensitive information. Public sources available in the connected documents consistently describe the vulnerability ...
CVE-2023-31296
Affected software/product: Sesami CPTO (Cash Point & Transport Optimizer) — version 6.3.8.6 (#718). Vulnerability type / vector: CSV Injection via the User Name field. Root cause / impact: The issue enables an attacker to obtain sensitive information; documentation notes a CSV injection risk with...
CVE-2023-31296
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows attackers to obtain sensitive information via the User Name field...
CVE-2023-31294
The CVE-2023-31294 issue affects Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6, where a CSV Injection flaw in the Delivery Name field can cause information disclosure. Root cause: improper handling of the Delivery Name in CSV output enables crafted input to be interpreted as CSV, reveali...
Sesami Cash Point & Transport Optimizer Security Vulnerability
Sesami Cash Point & Transport Optimizer is a solution from Sesami Corporation. A security vulnerability exists in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 that stems from the presence of a CSV injection vulnerability. The vulnerability allows remote attackers to obtain sensiti...
CVE-2023-31295
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the User Profile field...
CVE-2023-31296
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows attackers to obtain sensitive information via the User Name field...
CVE-2023-31294
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the Delivery Name field...
CVE-2023-50448
In ActiveAdmin aka Active Admin before 2.12.0, a concurrency issue allows a malicious actor to access potentially private data that belongs to another user by making CSV export requests at certain specific times...