Shortlinks by Pretty Links <= 2.1.9 - Stored XSS and CSV Injection

Details in the reference...

May 19, 2019—KB4505056 (OS Build 17763.504)

May 19, 2019—KB4505056 OS Build 17763.504 Improvements and fixes This update includes quality improvements. Key changes include: Addresses an issue that may prevent access to some gov.uk websites that don’t support HTTP Strict Transport Security HSTS when using Internet Explorer 11 or Microsoft...

PT-2019-17046 · Ibm · Ibm Maximo Asset Management

Name of the Vulnerable Software and Affected Versions: IBM Maximo Asset Management version 7.6 Description: The issue allows a remote authenticated attacker to execute arbitrary commands on the system due to CSV injection. Recommendations: For IBM Maximo Asset Management version 7.6, update to a...

Security Bulletin: IBM Maximo Asset Management is vulnerable to CSV Injection (CVE-2019-4364)

Summary IBM Maximo Asset Management is vulnerable to CSV injection, which could allow a remote authenticated attacker to execute arbirary commands on the system. Vulnerability Details CVEID: CVE-2019-4364 DESCRIPTION: IBM Maximo Asset Management is vulnerable to CSV injection, which could allow a...

CVE-2018-20468

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...

CVE-2018-20468

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...

Code injection

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...

CVE-2018-20468

CVE-2018-20468 affects Tyto Sahi Pro (versions up to 7.x.x and 8.0.0) where the web reports module’s export-to-Excel feature is vulnerable to CSV injection. An attacker can embed Excel formulas in an automation script, and after export, this can lead to code execution. The available documentation...

CVE-2018-20468

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...

Joomla! 3.6.x < 3.9.7 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A CSV injection exists in versions 3.9.0 to 3.9.6 within the CSV export of comactionslogs - A cross-site scripting XSS vulnerability exists in versions 3.6.0 to 3.9.6 due to...

Aida64 6.00.5100 - (Log to CSV File) Local SEH Buffer Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit : Aida64 6.00.5100 'Log to CSV File' Local SEH Buffer Overflow Exploit Author : Nipun Jaswal Tested On : Windows 7 Home Basicx86 Version : 6.00.5100 Vendor Homepage: https://www.aida64.com/downloads Software Link:...

Aida64 6.00.5100 SEH Buffer Overflow

!/usr/bin/python Exploit : Aida64 6.00.5100 'Log to CSV File' Local SEH Buffer Overflow Exploit Author : Nipun Jaswal Tested On : Windows 7 Home Basicx86 Version : 6.00.5100 Release Date : 31/May/2019 Build : 21/May/2019 Vendor Homepage: https://www.aida64.com/downloads Software Link:...

Aida64 6.00.5100 - Log to CSV File Local SEH Buffer Overflow

Aida64 6.00.5100 - Log to CSV File Local SEH Buffer Overflow !/usr/bin/python Exploit : Aida64 6.00.5100 'Log to CSV File' Local SEH Buffer Overflow Exploit Author : Nipun Jaswal Tested On : Windows 7 Home Basicx86 Version : 6.00.5100 Release Date : 31/May/2019 Build : 21/May/2019 Vendor Homepage...

Fedora Update for phpMyAdmin FEDORA-2019-13d2ba0aed

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Joomla 3.6.x < 3.9.7 Multiple Vulnerabilites

According to its self-reported version, the instance of Joomla! running on the remote web server is 3.6.x prior to 3.9.7. It is, therefore, affected by the following vulnerabilities: - Joomla versions 3.8.13 prior to 3.9.7 are affected by a vulnerability where a non-admin user may manipulate the...

Aida64 6.00.5100 - &#039;Log to CSV File&#039; Local SEH Buffer Overflow

!/usr/bin/python Exploit : Aida64 6.00.5100 'Log to CSV File' Local SEH Buffer Overflow Exploit Author : Nipun Jaswal Tested On : Windows 7 Home Basicx86 Version : 6.00.5100 Release Date : 31/May/2019 Build : 21/May/2019 Vendor Homepage: https://www.aida64.com/downloads Software Link:...

Joomla! < 3.9.7 Multiple Vulnerabilities

Joomla! is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Input validation

An issue was discovered in Joomla! before 3.9.7. The CSV export of comactionslogs is vulnerable to CSV injection...

CVE-2019-12765

An issue was discovered in Joomla! before 3.9.7. The CSV export of comactionslogs is vulnerable to CSV injection...

CVE-2019-12765

An issue was discovered in Joomla! before 3.9.7. The CSV export of comactionslogs is vulnerable to CSV injection...