Lucene search
K

5080 matches found

Fedora
Fedora
added 2020/11/21 1:46 a.m.19 views

[SECURITY] Fedora 32 Update: rpki-client-6.8p1-1.fc32

The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure RPKI for Relying Parties RP to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisatio...

1.3AI score
Exploits0
Fedora
Fedora
added 2020/11/21 1:31 a.m.13 views

[SECURITY] Fedora 33 Update: rpki-client-6.8p1-1.fc33

The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure RPKI for Relying Parties RP to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisatio...

1.3AI score
Exploits0
NVD
NVD
added 2020/11/20 8:15 p.m.13 views

CVE-2020-28845

A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated user to inject malicious payload in admin's portal thus leads to compromise admin's system...

9.3CVSS7.7AI score0.01117EPSS
Exploits1References1
Prion
Prion
added 2020/11/20 8:15 p.m.21 views

Design/Logic Flaw

A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated user to inject malicious payload in admin's portal thus leads to compromise admin's system...

9.3CVSS7.7AI score0.01117EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/11/20 7:3 p.m.79 views

CVE-2020-28845

CVE-2020-28845 involves a CSV injection vulnerability in Netskope Admin portal (version 75.0). An unauthenticated attacker can inject a malicious payload via the admin UI, potentially compromising the administrator’s system. Metrics from NVD indicate high impact across confidentiality, integrity,...

9.3CVSS7.7AI score0.01117EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/11/20 7:3 p.m.16 views

CVE-2020-28845

A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated user to inject malicious payload in admin's portal thus leads to compromise admin's system...

7.7AI score0.01117EPSS
Exploits1References1
Patchstack
Patchstack
added 2020/11/20 12:0 a.m.17 views

WordPress weForms plugin <= 1.4.7 - CSV Injection vulnerability

CSV Injection vulnerability found by Mohamad Pishdar in WordPress weForms plugin versions = 1.4.7. Solution 2020-11-20 - we were unable to find information about the fix for this vulnerability...

9.8CVSS2.9AI score0.02983EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2020/11/20 12:0 a.m.13 views

WordPress Import and export users and customers plugin <= 1.16.3.5 - CSV Injection vulnerability

CSV Injection vulnerability found by Mohamad Pishdar cert.ikiu.ac.ir in WordPress Import and export users and customers plugin versions = 1.16.3.5. Solution Update the WordPress Import and export users and customers plugin to the latest available version at least 1.16.3.5...

8CVSS3AI score0.01827EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2020/11/20 12:0 a.m.15 views

WordPress Easy Registration Forms plugin <= 2.0.6 - CSV Injection vulnerability

CSV Injection vulnerability found by Mohamad Pishdar cert.ikiu.ac.ir in WordPress Easy Registration Forms plugin versions = 2.0.6. Solution 2020-11-20 - we were unable to find information about the fix for this vulnerability...

8.8CVSS3.2AI score0.02144EPSS
Exploits1References2Affected Software1
WPVulnDB
WPVulnDB
added 2020/11/20 12:0 a.m.20 views

Import and export users and customers < 1.16.3.6 - CSV Injection

The plugin did not validate or sanitise user data, such as first and last names from the profile, leading to a CSV injection when the data is exported by an administrator...

6CVSS2.9AI score0.01827EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2020/11/20 12:0 a.m.9 views

Netskope 注入漏洞

Netskope is a threat protection gateway for cloud environments from US-based Netskope. An injection vulnerability exists in Netskope version 75.0, which stems from a CSV injection vulnerability that can be exploited by an attacker to inject a malicious payload into an administrator's portal,...

9.3CVSS7.1AI score0.01117EPSS
Exploits1References2
WPVulnDB
WPVulnDB
added 2020/11/20 12:0 a.m.24 views

Easy Registration Forms <= 2.0.6 - CSV Injection

Easy Registration Forms ER Forms Wordpress Plugin 2.0.6 allows an attacker to submit an entry with malicious CSV commands. After that, when the system administrator generates CSV output from the forms information, there is no check on this inputs and the codes are executable...

6.8CVSS3AI score0.02144EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2020/11/20 12:0 a.m.20 views

weForms < 1.6.4 - CSV Injection

The plugin allows CSV injection via a form's entry...

7.5CVSS4.2AI score0.02983EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2020/11/19 12:0 a.m.3 views

SuiteCRM CSV Injection Vulnerability

SuiteCRM is a free open source customer relationship management application. A CSV injection vulnerability exists in SuiteCRM 7.11.13 and earlier versions. The vulnerability can be exploited to conduct CSV injection attacks via the registration field in the Accounts, Contacts, Opportunities, and...

7.8CVSS7.3AI score0.00784EPSS
Exploits0References1
OSV
OSV
added 2020/11/18 9:15 p.m.13 views

CVE-2020-15301

SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts, Opportunities, and Leads modules. These fields are mishandled during a Download Import File Template operation...

7.8CVSS7.1AI score
Exploits0References1
NVD
NVD
added 2020/11/18 9:15 p.m.11 views

CVE-2020-15301

SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts, Opportunities, and Leads modules. These fields are mishandled during a Download Import File Template operation...

7.8CVSS7.9AI score0.00784EPSS
Exploits0References1
Prion
Prion
added 2020/11/18 9:15 p.m.21 views

Sql injection

SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts, Opportunities, and Leads modules. These fields are mishandled during a Download Import File Template operation...

6.8CVSS7.9AI score0.00784EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/11/18 9:0 p.m.58 views

CVE-2020-15301

SuiteCRM is affected by a CSV Injection vulnerability (Formula Injection) in the Accounts module. OSV records describe affected versions v7.11.18–v7.11.19 and v7.10.29–v7.10.31, where a low-privileged attacker can inject payloads into input fields; when an administrator exports data to CSV from t...

7.8CVSS7.7AI score0.00784EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/11/18 9:0 p.m.14 views

CVE-2020-15301

SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts, Opportunities, and Leads modules. These fields are mishandled during a Download Import File Template operation...

7.9AI score0.00784EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/11/18 12:0 a.m.5 views

PT-2020-14342 · Salesagility · Suitecrm

Name of the Vulnerable Software and Affected Versions: SuiteCRM versions prior to 7.11.14 Description: The issue allows for CSV Injection via registration fields in the Accounts, Contacts, Opportunities, and Leads modules. This occurs due to mishandling of these fields during a Download Import Fi...

7.8CVSS7.7AI score0.00784EPSS
Exploits0References10
Rows per page
Query Builder