103 matches found
C5 Firefly III CSV Injection.
Summary CSV injection is a vulnerability where untrusted user input in CSV files can lead to unauthorized access or data manipulation. In my subsequent testing of the application. Details I discovered that there is an option to "Export Data" from the web app to your personal computer, which expor...
CVE-2023-50448
In ActiveAdmin aka Active Admin before 2.12.0, a concurrency issue allows a malicious actor to access potentially private data that belongs to another user by making CSV export requests at certain specific times...
CVE-2023-5886
The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not check nonce tokens early enough in the request lifecycle, allowing attackers with the ability to upload files to make logged in users perform unwanted actions leading t...
Sensitive Information Disclosure
activeadmin is vulnerable to Sensitive Information Disclosure. The vulnerability is caused due to a concurrency issue wherein a malicious user is able to access private data of another user. The export data feature is affected, caused by a variable holding collection to be exported which is not...
PT-2023-32392 · WordPress · Export Any Wordpress Data To Xml/Csv +1
Name of the Vulnerable Software and Affected Versions: Export any WordPress data to XML/CSV WordPress plugin versions prior to 1.4.0 WP All Export Pro WordPress plugin versions prior to 1.8.6 Description: The issue allows attackers to make logged-in users perform unwanted actions, leading to remo...
PT-2023-32697
Name of the Vulnerable Software and Affected Versions h2oai/h2o-3 affected versions not specified Description The issue allows unauthenticated users to overwrite any file accessible to the user who executes h2o.init, potentially resulting in a denial of service. Remote unauthenticated attackers c...
CVE-2023-35985
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to a failure to properly validate a dangerous extension. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. ...
PT-2023-7348 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader versions 12.1.3.15356 Description: The issue is related to errors in processing hyperlinks and mistreatment of whitespace characters in the Javascript exportDataObject API. This can allow a remote attacker to execute arbitrar...
PT-2023-32558 · M Files · M-Files Server
Name of the Vulnerable Software and Affected Versions: M-Files server versions prior to 23.11.13156.0 Description: The issue is related to missing access permissions checks in the M-Files server, allowing attackers to perform data write and export jobs using the M-Files API methods...
PT-2023-13999 · Unknown · Export Users Data Csv
Name of the Vulnerable Software and Affected Versions: Export Users Data CSV versions through 2.1 Description: The issue is related to the improper neutralization of formula elements in a CSV file, which affects the Export Users Data CSV. Recommendations: For versions through 2.1, update to a...
Yaralyzer - Visually Inspect And Force Decode YARA And Regex Matches Found In Both Binary And Text Data, With Colors
Visually inspect all of the regex matches and their sexier, more cloak and dagger cousins, the YARA matches found in binary data and/or text. See what happens when you force various character encodings upon those matched bytes. With colors. Quick Start pipx install yaralyzer Scan against YARA...
Foxit PDF Reader 代码问题漏洞
Foxit PDF Reader is a PDF reader from Foxit China. versions before Foxit PDF Reader 12.0.1 and PDF Editor 12.0.1 have a security vulnerability that stems from the presence of null pointer references in its exportXFAData. No detailed vulnerability details are available at this time...
GHSA-2CG3-W597-RJFV Magento 2 Community Edition Arbitrary File Deletion
An arbitrary file deletion vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with export data transfer privileges can craft a request to perform arbitrary file deletion...
Magento 2 Community Edition Arbitrary File Deletion
An arbitrary file deletion vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with export data transfer privileges can craft a request to perform arbitrary file deletion...
CVE-2022-0914
The Export All URLs WordPress plugin before 4.3 does not have CSRF in place when exporting data, which could allow attackers to make a logged in admin export all posts and pages including private and draft into an arbitrary CSV file, which the attacker can then download and retrieve the list of...
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File
Description Formula Injection/CSV Injection in "Firstname" & "Lastname" due to Improper Neutralization of Formula Elements in CSV File. Proof of Concept 1.Go to a Preferences from the user account and in Personal info of "Firstname" & "Lastname" insert the below payloads. 2.Payloads:-...
CVE-2022-23902
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in exportdata.php via the dname parameter...
CVE-2022-23902
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in exportdata.php via the dname parameter...
Tongda2000 SQL注入漏洞
A SQL injection vulnerability exists in Tongda2000, a web-based intelligent office system from China Tongda, which originates from the dname parameter in the product's exportdata.php file that does not securely handle special characters in user input data. An attacker can execute malicious SQL...
PT-2022-16322 · Unknown · Tongda2000
Name of the Vulnerable Software and Affected Versions: Tongda2000 version 11.10 Description: A SQL injection issue was found in export data.php via the d name parameter. This allows for potential exploitation. Recommendations: For Tongda2000 version 11.10, consider restricting access to the expor...