5078 matches found
CVE-2023-48835
Car Rental Script v3.0 is vulnerable to CSV Injection via a Language Labels Export action...
CVE-2023-48830
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...
CVE-2023-48826
Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List...
CVE-2023-48826
Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List...
CVE-2023-48826
Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List...
CVE-2023-48207
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component...
CVE-2023-48207
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component...
Design/Logic Flaw
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component...
Input validation
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...
Input validation
Car Rental Script v3.0 is vulnerable to CSV Injection via a Language Labels Export action...
Input validation
Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language Labels Export action...
Input validation
Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List...
CVE-2023-48841
CVE-2023-48841 affects PHPJabbers Appointment Scheduler 3.0. The vulnerability is a CSV injection in the Language > Labels > Export action, caused by insufficient input validation on the Unique ID field used to construct the CSV file. Impact is described as high (C/H/I/H/A/H) per CVSS data,...
Shuttle Booking Software Security Breach
Shuttle Booking Software is a PHP Jabbers open source shuttle booking software. A security vulnerability exists in Shuttle Booking Software version 2.0, which stems from a CSV injection vulnerability in the Languages selection function when exporting...
PT-2023-30984 · Unknown · Appointment Scheduler
Name of the Vulnerable Software and Affected Versions: Appointment Scheduler version 3.0 Description: The issue concerns a CSV Injection vulnerability via the Language Labels Export action. This allows for potential code execution. Recommendations: For Appointment Scheduler version 3.0, update to...
CVE-2023-48830
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...
CVE-2023-48841
Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language Labels Export action...
CVE-2023-48207
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component...
CVE-2023-48826
Time Slots Booking Calendar 4.0 (PHPJabbers) is vulnerable to CSV injection via the unique ID field in the Reservations List. The root cause is insufficient input validation when exporting to CSV, enabling crafted ID values to inject CSV content. The vulnerability can lead to high-impact outcomes...
CVE-2023-48835
CVE-2023-48835 affects Car Rental Script v3.0; the vulnerability is a CSV Injection in the Language > Labels > Export action due to insufficient input validation on the Unique ID field in Reservations. Impact is high (C:H, I:H, A:H) with CVSS 3.1 base score 8.8. In-the-wild/exploit details ...