Design/Logic Flaw

LiteCart through 2.2.1 allows CSV injection via a customer's profile...

CVE-2020-9017

LiteCart through 2.2.1 allows CSV injection via a customer's profile...

CVE-2020-9017

LiteCart 2.2.1 and earlier versions are affected by a CSV injection vulnerability in the customer profile handling. The issue, described across multiple sources (CVE-2020-9017 and associated records), enables CSV injection when processing profile data. Public references confirm LiteCart up to ver...

CVE-2020-8518

Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution...

Design/Logic Flaw

Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution...

UBUNTU-CVE-2020-8518

Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution...

CVE-2020-8518

Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution...

CVE-2020-8518

Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution...

CVE-2020-8518

CVE-2020-8518 is an RCE in Horde Groupware Webmail Edition 5.2.22 via CSV data import, caused by arbitrary PHP code injection in the Horde_Data component. The vulnerability allows authenticated users to execute code on the server hosting the web application. Affected versions include Horde Groupw...

[SECURITY] Fedora 31 Update: php-horde-Horde-Data-2.1.5-1.fc31

A data import and export API, with backends for: CSV TSV iCalendar vCard vNote vTodo...

[SECURITY] Fedora 30 Update: php-horde-Horde-Data-2.1.5-1.fc30

A data import and export API, with backends for: CSV TSV iCalendar vCard vNote vTodo...

Fedora: Security Advisory for php-horde-Horde-Data (FEDORA-2020-1e7cc91d55)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for php-horde-Horde-Data (FEDORA-2020-0248ad925e)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

February 11, 2020—KB4537821 (Monthly Rollup)

February 11, 2020—KB4537821 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4534324 released January 23, 2020 and addresses the following issues: Disables Microsoft Visual Basic Script VBScript by default in the Internet and...

WordPress Events Manager Pro plugin <= 2.6.7.1 - CSV Injection vulnerability

CSV Injection vulnerability found by Vishnupriya Ilango in WordPress Events Manager Pro plugin versions = 2.6.7.1. Solution Update the WordPress Events Manager Pro plugin to the latest available version at least 2.6.7.2...

WordPress Events Manager plugin <= 5.9.7.1 - CSV Injection vulnerability

CSV Injection vulnerability found by Vishnupriya Ilango in WordPress Events Manager plugin versions = 5.9.7.1. Solution Update the WordPress Events Manager plugin to the latest available version at least 5.9.7.2...

Events Manager < 5.9.7.2 - CSV Injection

The Events Manager WordPress plugin was affected by a CSV Injection security vulnerability...

Events Manager Pro < 2.6.7.2 - CSV Injection

The events-manager-pro WordPress plugin was affected by a CSV Injection security vulnerability...

Elasticsearch Kibana CSV Injection Vulnerability

Elasticsearch Kibana is a suite of open source, browser-based analytics and search Elasticsearch dashboard tools from Elasticsearch Netherlands. A CSV injection vulnerability exists in Elasticsearch Kibana. An attacker can exploit the vulnerability to run malicious commands on a logged-in user's...

Kibana 6.6.1 - CSV Injection

Kibana 6.6.1 - CSV Injection Exploit Title: Kibana 6.6.1 - CSV Injection Google Dork: inurl:"/app/kibana" intitle:"Kibana" Date: 2020-01-15 Exploit Author: Aamir Rehman Vendor Homepage: https://www.elastic.co/kibana Software Link: https://www.elastic.co/downloads/ Version: v6.6.1 possibly latest...