
5080 matches found

WPVulnDB
added 2020/11/13 12:0 a.m., 9 views

[0day] AIT CSV Import / Export <= 3.0.3 - Unauthenticated Arbitrary File Upload

The WPScan research team discovered an active exploitation attempt against a 0day vulnerability within the premium AIT CSV Import / Export WordPress plugin within our honeypot logs. The honeypot log showed a GET request to the following file:...

0.1 AI score
Exploits: 0, References: 1, Affected Software: 1
Patchstack
added 2020/11/13 12:0 a.m., 21 views

WordPress AIT CSV Import / Export plugin <= 3.0.3 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability found by Ryan WPScan in WordPress AIT CSV Import / Export plugin versions = 3.0.3. Solution 2020-11-13 - we were unable to find a patched version of this plugin...

3.3 AI score
Exploits: 0, References: 2, Affected Software: 1
IBM Security Bulletins
added 2020/11/10 10:15 p.m., 22 views

Security Bulletin: CSV Injection Security vulnerability in ACCE in FileNet Content Manager

Summary Administration Console for Content Platform Engine ACCE CSV Injection Security vulnerability exists in FileNet Content Manager Vulnerability Details CVEID: CVE-2020-4759 DESCRIPTION: IBM FileNet Content Manager is potentially vulnerable to CVS Injection. A remote attacker could execute...

9.3 CVSS, 2.5 AI score, 0.01984 EPSS
Exploits: 0, Affected Software: 1
Microsoft KB
added 2020/11/10 8:0 a.m., 63 views

November 10, 2020—KB4586834 (Monthly Rollup)

November 10, 2020—KB4586834 Monthly Rollup IMPORTANT Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional releases known as "C" or "D" releases for this operating system. Operating systems in extended...

10 CVSS, 7.5 AI score, 0.25285 EPSS
Exploits: 2
Packet Storm
added 2020/11/10 12:0 a.m., 254 views

Anuko Time Tracker 1.19.23.5325 CSV Injection

Exploit Title: Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection Date: 2020-10-17 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version: 1.19.23.5325 Tested on: Kali Linux 2020.3 CVE: CVE-2020-15255...

6.5 CVSS, 0.2 AI score, 0.03462 EPSS
Exploits: 3
Exploit DB
added 2020/11/10 12:0 a.m., 402 views

Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection

Exploit Title: Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection Date: 2020-10-17 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version: 1.19.23.5325 Tested on: Kali Linux 2020.3 CVE: CVE-2020-15255...

8.7 CVSS, 7 AI score, 0.03462 EPSS
Exploits: 3
NVD
added 2020/11/09 9:15 p.m., 20 views

CVE-2020-4759

IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 188736...

9.3 CVSS, 7.4 AI score, 0.01984 EPSS
Exploits: 0, References: 2
OSV
added 2020/11/09 9:15 p.m., 3 views

CVE-2020-4759

IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 188736...

7.8 CVSS, 7.3 AI score, 0.01984 EPSS
Exploits: 0, References: 2
Prion
added 2020/11/09 9:15 p.m., 20 views

Input validation

IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 188736...

9.3 CVSS, 7.7 AI score, 0.01984 EPSS
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2020/11/09 8:25 p.m., 27 views

CVE-2020-4759

IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 188736...

7 CVSS, 7.8 AI score, 0.01984 EPSS
Exploits: 0, References: 2
OpenVAS
added 2020/11/06 12:0 a.m., 20 views

phpMyAdmin <= 5.1.1 CSV Injection Vulnerability - Windows

phpMyAdmin is prone to a CSV injection vulnerability via Export Section. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.8 CVSS, 8.8 AI score, 0.01507 EPSS
Exploits: 1, References: 1
OpenVAS
added 2020/11/06 12:0 a.m., 17 views

phpMyAdmin <= 5.1.1 CSV Injection Vulnerability - Linux

phpMyAdmin is prone to a CSV injection vulnerability via Export Section. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.8 CVSS, 8.8 AI score, 0.01507 EPSS
Exploits: 1, References: 1
NVD
added 2020/11/05 6:15 p.m., 12 views

CVE-2020-26507

A CSV Injection also known as Formula Injection vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can inject a payload into th...

9.3 CVSS, 8 AI score, 0.01 EPSS
Exploits: 1, References: 2
OSV
added 2020/11/05 6:15 p.m., 6 views

CVE-2020-26507

A CSV Injection also known as Formula Injection vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can inject a payload into th...

7.8 CVSS, 6 AI score, 0.01 EPSS
Exploits: 1, References: 2
Prion
added 2020/11/05 6:15 p.m., 18 views

Design/Logic Flaw

A CSV Injection also known as Formula Injection vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can inject a payload into th...

9.3 CVSS, 8 AI score, 0.01 EPSS
Exploits: 1, References: 2, Affected Software: 1
Cvelist
added 2020/11/05 5:9 p.m., 19 views

CVE-2020-26507

A CSV Injection also known as Formula Injection vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can inject a payload into th...

8 AI score, 0.01 EPSS
Exploits: 1, References: 2
CVE
added 2020/11/05 5:9 p.m., 39 views

CVE-2020-26507

The CVE-2020-26507 entry concerns Marmind Web Application 4.1.141.0, affected by a CSV/Formula Injection vulnerability in the Notes functionality on the main screen and the Description field under Insert To-Do. The attacker can provide formula code to inject a payload into exported CSV data, whic...

9.3 CVSS, 7.9 AI score, 0.01 EPSS
Exploits: 1, References: 2, Affected Software: 1
NVD
added 2020/11/05 4:15 p.m., 18 views

CVE-2020-25398

CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality...

8.8 CVSS, 8.9 AI score, 0.01978 EPSS
Exploits: 1, References: 1
Prion
added 2020/11/05 4:15 p.m., 16 views

Design/Logic Flaw

CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality...

6.8 CVSS, 8.8 AI score, 0.01978 EPSS
Exploits: 1, References: 1, Affected Software: 1
Cvelist
added 2020/11/05 3:8 p.m., 27 views

CVE-2020-25398

CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality...

8.9 AI score, 0.01978 EPSS
Exploits: 1, References: 1