2 matches found
CVE-2019-13181
A CSV injection vulnerability exists in the web UI of SolarWinds Serv-U FTP Server v15.1.7...
CVE-2019-13181
CVE-2019-13181 affects SolarWinds Serv-U FTP Server v15.1.7 where the web UI allows CSV injection: table entries can contain a string that is evaluated by Excel as a DDE macro when exporting user data (privileged users can inject macros via description fields). The vulnerability stems from input ...