Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/05/26 2:12 a.m.10 views

CVE-2023-54348

ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to inject spreadsheet formulas into vendor name fields that execute on the workstation of users who open the exported CSV in a spreadsheet application. Attackers can add malicious formulas like =10+20+cmd|' ...

8.8CVSS5.9AI score0.00352EPSS
Exploits0References1
NVD
NVD
added 2026/05/05 12:16 p.m.10 views

CVE-2023-54348

ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to inject spreadsheet formulas into vendor name fields that execute on the workstation of users who open the exported CSV in a spreadsheet application. Attackers can add malicious formulas like =10+20+cmd|' ...

8.8CVSS0.00352EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/05 11:24 a.m.35 views

CVE-2023-54348 ERPGo SaaS 3.9 CSV Injection via Vendor Creation

ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to inject spreadsheet formulas into vendor name fields that execute on the workstation of users who open the exported CSV in a spreadsheet application. Attackers can add malicious formulas like =10+20+cmd|' ...

8.8CVSS0.00352EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/05 11:24 a.m.4 views

CVE-2023-54348 ERPGo SaaS 3.9 CSV Injection via Vendor Creation

ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to inject spreadsheet formulas into vendor name fields that execute on the workstation of users who open the exported CSV in a spreadsheet application. Attackers can add malicious formulas like =10+20+cmd|' ...

8.8CVSS5.9AI score0.00352EPSS
Exploits0References4
CVE
CVE
added 2026/05/05 11:24 a.m.7 views

CVE-2023-54348

CVE-2023-54348 affects ERPGo SaaS 3.9. The issue is a CSV injection vulnerability in vendor creation: an authenticated user can inject formula payloads into the vendor name field, which execute when the exported CSV is opened in spreadsheet applications. A sample payload is =10+20+cmd|' /C calc'!...

8.8CVSS6.2AI score0.00352EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2023/04/03 12:0 a.m.250 views

ERPGo SaaS 3.9 - CSV Injection

Exploit Title: ERPGo SaaS 3.9 - CSV Injection Date: 18/01/2023 Exploit Author: Sajibe Kanti Vendor Name: RajodiyaInfotech Vendor Homepage: https://rajodiya.com/ Software Link: https://codecanyon.net/item/erpgo-saas-all-in-one-business-erp-with-project-account-hrm-crm-pos/33263426 Version: 3.9...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/11 12:0 a.m.262 views

ERPGo SaaS CRM 3.3 Arbitrary File Upload

==================================================================================================================================== | Title : ERPGo SaaS CRM v3.3 Arbitrary File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

0.5AI score
Exploits0
Rows per page
Query Builder