11 matches found
CVE-2023-49060
An attacker could have accessed internal pages or data by ex-filtrating a security key from ReaderMode via the referrerpolicy attribute. This vulnerability affects Firefox for iOS 120...
CVE-2023-49060
CVE-2023-49060 affects Firefox for iOS prior to 120. The issue allows an attacker to exfiltrate a security key from Reader Mode by abusing the referrerpolicy attribute, potentially enabling access to internal pages/data. Root cause: misuse of Reader Mode and referrer policy handling leading to da...
CVE-2023-49060
An attacker could have accessed internal pages or data by ex-filtrating a security key from ReaderMode via the referrerpolicy attribute. This vulnerability affects Firefox for iOS 120...
GHSA-MQ3X-QGWX-3RFW Embedding untrusted input inside CSV files leads to Formula Injection/CSV Injection
Impact The pimcore application is vulnerable to Formula Injection/CSV Injection via the Firstname, Lastname, Street, Zip & City input fields. These vulnerabilities allow unauthenticated attackers to execute arbitrary code via a crafted excel file. Successful exploitation can lead to impacts such ...
Embedding untrusted input inside CSV files leads to Formula Injection/CSV Injection
Impact The pimcore application is vulnerable to Formula Injection/CSV Injection via the Firstname, Lastname, Street, Zip & City input fields. These vulnerabilities allow unauthenticated attackers to execute arbitrary code via a crafted excel file. Successful exploitation can lead to impacts such ...
GHSA-F9P3-H6CG-2CJR Improper neutralization of formula elements in yii-helpers
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained...
Improper neutralization of formula elements in yii-helpers
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained...
CVE-2022-1544
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained...
Command injection
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained...
CVE-2022-1544 Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in luyadev/yii-helpers
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained...
CVE-2022-1544 Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in luyadev/yii-helpers
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained...