GHSA-2X55-MG9R-24F7 Magento 2 Community Edition RCE Vulnerability

A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to layouts can execute arbitrary code through a combination of product import, crafted csv file and XML layout...

Alkacon OpenCMS CSV Injection via New User module

Alkacon OpenCMS v10.5.4 and before is affected by CSV aka Excel Macro Injection in the module New User /opencms/system/workplace/admin/accounts/usernew.jsp via the First Name or Last Name...

GHSA-Q693-V7QF-P4XJ Alkacon OpenCMS CSV Injection via New User module

Alkacon OpenCMS v10.5.4 and before is affected by CSV aka Excel Macro Injection in the module New User /opencms/system/workplace/admin/accounts/usernew.jsp via the First Name or Last Name...

The vulnerability of the “String to CSV conversion” algorithm in the Kernel#Float and String#to_f methods of the Ruby language interpreter allows a attacker to cause a service failure.

The vulnerability of the Stringtof and KernelFloat methods in the Ruby language interpreter involves operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

Zphisher-GUI-Back_office - A Zphisher GUI Back-Office Plugin

DISCLAIMER This toolkit contains materials that can be potentially damaging or dangerous for social media. Refer to the laws in your province/country before accessing, using,or in any other way utilizing this in a wrong way. This Tool is made for educational purposes only. Do not attempt to viola...

CVE-2021-43257

Lack of Neutralization of Formula Elements in the CSV API of MantisBT before 2.25.3 allows an unprivileged attacker to execute code or gain access to information when a user opens the csvexport.php generated CSV file in Excel...

Export any WordPress data to XML/CSV < 1.3.5 - Admin+ SQL Injection

The plugin does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability. 1. Go to the All Export New Export screen in the WordPress admin. 2. Now click on Specific Post Type Posts. 3. Click now on Migrate Posts an...

WordPress Export any WordPress data to XML/CSV plugin <= 1.3.4 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by Asif Nawaz Minhas in WordPress Export any WordPress data to XML/CSV plugin versions = 1.3.4. Solution Update the WordPress Export any WordPress data to XML/CSV plugin to the latest available version at least 1.3.5...

Export any WordPress data to XML/CSV < 1.3.5 - Admin+ SQL Injection

The plugin does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability. PoC 1. Go to the All Export New Export screen in the WordPress admin. 2. Now click on Specific Post Type Posts. 3. Click now on Migrate...

WP-CRM <= 1.2.1 - CSV Injection

The plugin does not validate and sanitise fields when exporting people to a CSV file, leading to a CSV injection vulnerability. PoC 1. Add new person and put the following CSV calculator payload into the Display Name, Phone Number and Description field and save the entry. payload : =cmd|' /C...

WP-CRM <= 1.2.1 - CSV Injection

The plugin does not validate and sanitise fields when exporting people to a CSV file, leading to a CSV injection vulnerability. 1. Add new person and put the following CSV calculator payload into the Display Name, Phone Number and Description field and save the entry. payload : =cmd|' /C calc'!'A...

WordPress WP-CRM plugin <= 1.2.1 - CSV Injection vulnerability

CSV Injection vulnerability discovered by Ankur Bakre in WordPress WP-CRM plugin versions = 1.2.1. Solution Deactivate and delete. This plugin has been closed as of April 20, 2022 and is not available for download. This closure is temporary, pending a full review...

GHSA-2JVJ-MHF2-G99W SilverStripe CSV Excel Macro Injection

In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software including Microsoft Excel. For example, the CSV data may contai...

SilverStripe CSV Excel Macro Injection

In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software including Microsoft Excel. For example, the CSV data may contai...

GHSA-P9QJ-4RJP-J3W9 Apache Directory Studio Command Injection

The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet...

CVE-2022-29151

CVE-2022-29151 is a Windows CSV (Cluster Shared Volume) Elevation of Privilege vulnerability. The NVD entry and MSRC reference describe it as a local-privilege issue in CSV with high impact (confidentiality, integrity, and availability all affected). CVSSv3.1 shows a base score of 7.0, attack vec...

CVE-2022-29135

CVE-2022-29135 is described as a Windows CSV Elevation of Privilege vulnerability. The connected documents reference CSV-related issues and protections within Microsoft security updates issued May 2022, including CVE coverage notes and known issues about CSV ownership and certificate-mapping hand...

Quotes llama < 1.0.0 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape Quotes, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed. The attack could also be performed by tricking an admin to import a malicious CSV file PoC Create/edit a quote and p...

Eaton Intelligent Power Manager Infrastructure

1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Eaton Equipment: Intelligent Power Manager Infrastructure Vulnerabilities: Cross-site Scripting, Reflected Cross-site Scripting, Improper Neutralization of Formula in a CSV File 2. RISK EVALUATION...

Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File

Description Formula Injection/CSV Injection in "For what?" , "For whom?" & "How much?" due to Improper Neutralization of Formula Elements in CSV File. Proof of Concept 1.Visit https://ihatemoney.org/ and start your demo application then click on add new bill at the top right. In the field of "wha...