5078 matches found
CVE-2025-6838
The Broken Link Notifier plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.3.0 via broken links that are later exported. This makes it possible for authenticated attackers, with Contributor-level access and above, to embed untrusted input into exported CS...
CVE-2025-6838
CVE-2025-6838 affects WordPress Broken Link Notifier plugin up to and including 1.3.0. The vulnerability arises from CSV injection via broken links exported to CSV, enabling authenticated attackers with Contributor-level access or higher to embed untrusted input that can lead to code execution on...
CVE-2025-6838 Broken Link Notifier <= 1.3.0 - Authenticated (Contributor+) CSV Injection
The Broken Link Notifier plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.3.0 via broken links that are later exported. This makes it possible for authenticated attackers, with Contributor-level access and above, to embed untrusted input into exported CS...
CVE-2025-6838 Broken Link Notifier <= 1.3.0 - Authenticated (Contributor+) CSV Injection
The Broken Link Notifier plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.3.0 via broken links that are later exported. This makes it possible for authenticated attackers, with Contributor-level access and above, to embed untrusted input into exported CS...
PT-2025-29218 · WordPress · Broken Link Notifier For Wordpress
Name of the Vulnerable Software and Affected Versions: Broken Link Notifier for WordPress versions prior to 1.3.1 Description: The plugin is susceptible to CSV injection through broken links that are exported. This allows authenticated attackers with Contributor-level access or higher to embed...
WordPress plugin Broken Link Notifier 安全漏洞
WordPress Broken Link Notifier plugin is a plugin for monitoring broken links e.g. 404 errors, timeout links, etc. within a website. A code execution vulnerability exists in the WordPress Broken Link Notifier plugin that stems from the possibility of embedding malicious input when exporting CSV...
WordPress Broken Link Notifier plugin <= 1.3.0 - Authenticated (Contributor+) CSV Injection vulnerability
Authenticated Contributor+ CSV Injection vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Broken Link Notifier versions = 1.3.0...
Malicious code in grafana-csv-datasource (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9ad716a5ea97debbbad7d3b10d1b4a28c71a2e2b1143a6733443cc211de350f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5777 Malicious code in grafana-csv-datasource (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9ad716a5ea97debbbad7d3b10d1b4a28c71a2e2b1143a6733443cc211de350f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-34083
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of CVE-2020-36849...
CVE-2025-34083
CVE-2025-34083 is rejected/not used; it is a duplicate of CVE-2020-36849.
CVE-2025-34083
...
CVE-2025-7061
A vulnerability was found in Intelbras InControl up to 2.21.60.9. It has been declared as problematic. This vulnerability affects unknown code of the file /v1/operador/. The manipulation leads to csv injection. The attack can be initiated remotely. The exploit has been disclosed to the public and...
CVE-2025-7061
A vulnerability was found in Intelbras InControl up to 2.21.60.9. It has been declared as problematic. This vulnerability affects unknown code of the file /v1/operador/. The manipulation leads to csv injection. The attack can be initiated remotely. The exploit has been disclosed to the public and...
CVE-2025-7061
A vulnerability was found in Intelbras InControl up to 2.21.60.9. It has been declared as problematic. This vulnerability affects unknown code of the file /v1/operador/. The manipulation leads to csv injection. The attack can be initiated remotely. The exploit has been disclosed to the public and...
CVE-2025-7061
CVE-2025-7061 affects Intelbras InControl up to version 2.21.60.9. The issue is a csv injection in unknown code under /v1/operador/, with remote exploitation reported and publicly disclosed. Multiple connected sources confirm the vulnerability and its public discussion. Public commentary from PT-...
CVE-2025-7061 Intelbras InControl operador csv injection
A vulnerability was found in Intelbras InControl up to 2.21.60.9. It has been declared as problematic. This vulnerability affects unknown code of the file /v1/operador/. The manipulation leads to csv injection. The attack can be initiated remotely. The exploit has been disclosed to the public and...
CVE-2025-7061 Intelbras InControl operador csv injection
A vulnerability was found in Intelbras InControl up to 2.21.60.9. It has been declared as problematic. This vulnerability affects unknown code of the file /v1/operador/. The manipulation leads to csv injection. The attack can be initiated remotely. The exploit has been disclosed to the public and...
BIT-LIMESURVEY-2024-42901
A CSV injection vulnerability in Lime Survey v6.5.12 allows attackers to execute arbitrary code via uploading a crafted CSV file...
PT-2025-27949 · Intelbras · Intelbras Incontrol
Name of the Vulnerable Software and Affected Versions: Intelbras InControl versions up to 2.21.60.9 Description: A vulnerability was found in Intelbras InControl, affecting unknown code of the file /v1/operador/. The manipulation leads to csv injection. The attack can be initiated remotely...