Lucene search
K

56 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-17861

Malware in sbrugna...

7.8CVSS7.6AI score0.00965EPSS
Exploits0References2
NVD
NVD
added 2022/04/08 5:15 p.m.16 views

CVE-2021-43515

CSV Injection aka Excel Macro Injection or Formula Injection exists in creating new timesheet in Kimai. By filling the Description field with malicious payload, it will be mistreated while exporting to a CSV file...

7.8CVSS0.00999EPSS
Exploits0References1
OSV
OSV
added 2022/04/08 5:15 p.m.26 views

CVE-2021-43515

CSV Injection aka Excel Macro Injection or Formula Injection exists in creating new timesheet in Kimai. By filling the Description field with malicious payload, it will be mistreated while exporting to a CSV file...

7.8CVSS7.7AI score
Exploits0References1
Cvelist
Cvelist
added 2022/04/08 4:23 p.m.31 views

CVE-2021-43515

CSV Injection aka Excel Macro Injection or Formula Injection exists in creating new timesheet in Kimai. By filling the Description field with malicious payload, it will be mistreated while exporting to a CSV file...

7.9AI score0.00999EPSS
Exploits0References1
CVE
CVE
added 2022/04/08 4:23 p.m.92 views

CVE-2021-43515

CVE-2021-43515 corresponds to a CSV Injection vulnerability in Kimai 2. The issue arises when creating a new timesheet and entering a payload in the Description field; during CSV export, this input is not sanitized and can be interpreted by spreadsheet programs (e.g., Excel) as formulas or comman...

7.8CVSS7.6AI score0.00999EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2021/04/27 12:0 a.m.253 views

Kimai 1.14 CSV Injection

Exploit Title: Kimai 1.14 - CSV Injection Date: 26/04/2021 Exploit Author: Mohammed Aloraimi Vendor Homepage: https://www.kimai.org/ Software Link: https://github.com/kevinpapst/kimai2 Version: 1.14 Payload: @SUM1+9cmd|' /C calc'!A0 Tested on: Win10x64 Proof Of Concept: CSV Injection aka Excel...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/04/27 12:0 a.m.45 views

Kimai 1.14 - CSV Injection Vulnerability

Exploit Title: Kimai 1.14 - CSV Injection Exploit Author: Mohammed Aloraimi Vendor Homepage: https://www.kimai.org/ Software Link: https://github.com/kevinpapst/kimai2 Version: 1.14 Payload: @SUM1+9cmd|' /C calc'!A0 Tested on: Win10x64 Proof Of Concept: CSV Injection aka Excel Macro Injection or...

Exploits0
Exploit DB
Exploit DB
added 2020/12/01 12:0 a.m.366 views

Tendenci 12.3.1 - CSV/ Formula Injection

Exploit Title: Tendenci 12.3.1 - CSV/ Formula Injection Date: 2020-10-29 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.tendenci.com/ Software Link: https://github.com/tendenci/tendenci Version: 12.3.1 Payload: =10+20+cmd|' /C calc'!A0 Tested on: Kali Linux 2020.3 Proof Of...

7.4AI score
Exploits0
OSV
OSV
added 2020/11/06 5:15 p.m.3 views

CVE-2020-25170

An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite Version AP 3.0 and earlier via multiple input fields that are mishandled in an Excel export...

7.8CVSS7.1AI score
Exploits0References1
Prion
Prion
added 2020/11/06 5:15 p.m.16 views

Design/Logic Flaw

An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite Version AP 3.0 and earlier via multiple input fields that are mishandled in an Excel export...

6.8CVSS8.3AI score0.00965EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/09/22 6:15 p.m.11 views

CVE-2020-14026

CSV Injection aka Excel Macro Injection or Formula Injection exists in the Export Of Contacts feature in Ozeki NG SMS Gateway through 4.17.6 via a value that is mishandled in a CSV export...

9.3CVSS0.01732EPSS
Exploits1References3
Prion
Prion
added 2020/09/22 6:15 p.m.18 views

Design/Logic Flaw

CSV Injection aka Excel Macro Injection or Formula Injection exists in the Export Of Contacts feature in Ozeki NG SMS Gateway through 4.17.6 via a value that is mishandled in a CSV export...

9.3CVSS8.8AI score0.01732EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2020/09/22 5:32 p.m.15 views

CVE-2020-14026

CSV Injection aka Excel Macro Injection or Formula Injection exists in the Export Of Contacts feature in Ozeki NG SMS Gateway through 4.17.6 via a value that is mishandled in a CSV export...

8.8AI score0.01732EPSS
Exploits1References3
CVE
CVE
added 2020/09/22 5:32 p.m.54 views

CVE-2020-14026

CSV Injection in Ozeki NG SMS Gateway (Export Of Contacts CSV) up to version 4.17.6 is caused by mishandling values in CSV export. Several sources describe potential command execution when a malicious CSV is opened, indicating a high-severity issue with remote code execution implications in affec...

9.3CVSS8.7AI score0.01732EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2020/08/20 1:17 a.m.16 views

CVE-2020-13826

A CSV injection aka Excel Macro Injection or Formula Injection issue in i-doit 1.14.2 allows an attacker to execute arbitrary commands via a Title parameter that is mishandled in a CSV export...

8.8CVSS9.1AI score0.01499EPSS
Exploits1References1
OSV
OSV
added 2020/08/20 1:17 a.m.3 views

CVE-2020-13826

A CSV injection aka Excel Macro Injection or Formula Injection issue in i-doit 1.14.2 allows an attacker to execute arbitrary commands via a Title parameter that is mishandled in a CSV export...

8.8CVSS7.5AI score
Exploits0References1
Prion
Prion
added 2020/08/20 1:17 a.m.23 views

Design/Logic Flaw

A CSV injection aka Excel Macro Injection or Formula Injection issue in i-doit 1.14.2 allows an attacker to execute arbitrary commands via a Title parameter that is mishandled in a CSV export...

6.8CVSS9.1AI score0.01499EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/08/19 7:39 p.m.70 views

CVE-2020-13826

The CVE-2020-13826 entry concerns i-doit 1.14.2, where a CSV export mishandles the Title parameter, enabling CSV/Excel macro injection that could execute arbitrary commands. This is a vulnerability in the CSV export functionality, caused by unsafely embedded data in export output. Affected compon...

8.8CVSS9.1AI score0.01499EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/08/19 7:39 p.m.25 views

CVE-2020-13826

A CSV injection aka Excel Macro Injection or Formula Injection issue in i-doit 1.14.2 allows an attacker to execute arbitrary commands via a Title parameter that is mishandled in a CSV export...

9.2AI score0.01499EPSS
Exploits1References1
Prion
Prion
added 2020/03/16 10:15 p.m.18 views

Design/Logic Flaw

Zoho ManageEngine Password Manager Pro through 10.x has a CSV Excel Macro Injection vulnerability via a crafted name that is mishandled by the Export Passwords feature. NOTE: the vendor disputes the significance of this report because they expect CSV risk mitigation to be provided by an external...

7.5CVSS9.4AI score0.07794EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder