107 matches found
CVE-2019-20002
Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value provided by a low-privileged user in the Subject field of a help request form that is mishandled in a TicketActions/view?tab=group TSV export by an admin user...
CVE-2020-11548
The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula. The attacker could achieve remote code execution via CSV injection if a wp-admin/index.php?page=search-meter Export is performed...
SugarCRM Export Feature SQL Injection Vulnerability
SugarCRM is a set of open source customer relationship management software . A SQL injection vulnerability exists in the export function of SugarCRM. The vulnerability stems from a lack of input validation. An authenticated user with regular user rights can exploit this vulnerability to inject...
CVE-2019-12134
CSV Injection aka Excel Macro Injection or Formula Injection exists in the export feature in Workday through 32 via a value provided by a low-privileged user in a contact form field that is mishandled in a CSV export...
CVE-2018-20237
Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature...
Open-AudIT 2.1 CSV Macro Injection
Exploit Title: Open-AudIT 2.1 - CSV Macro Injection Vulnerability Google Dork: N/A Date: 21-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: https://opmantek.com Software Link: https://www.open-audit.org/downloads.php Affected Version: 2.1 Category:...
Open-AudIT 2.1 - CSV Macro Injection
Hi Guys, Exploit Title: Open-AudIT 2.1 - CSV Macro Injection Vulnerability Google Dork: N/A Date: 21-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: https://opmantek.com Software Link: https://www.open-audit.org/downloads.php Affected Version: 2.1...
Joomla AcySMS 3.5.0 Component - CSV Macro Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component AcySMS 3.5.0 CSV Macro Injection Exploit Author: Sureshbabu Narvaneni Vendor Homepage: https://www.acyba.com Software Link: https://extensions.joomla.org/extensions/extension/communication/phone-a-sms/acysms/...
CVE-2018-9107
CSV Injection aka Excel Macro Injection or Formula Injection exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export...
CVE-2018-9107
CSV Injection aka Excel Macro Injection or Formula Injection exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export...
CVE-2018-9106
CSV Injection aka Excel Macro Injection or Formula Injection exists in the export feature in the Acyba AcySMS extension before 3.5.1 for Joomla! via a value that is mishandled in a CSV export...
Design/Logic Flaw
CSV Injection aka Excel Macro Injection or Formula Injection exists in the export feature in the Acyba AcySMS extension before 3.5.1 for Joomla! via a value that is mishandled in a CSV export...
CVE-2018-9107
CSV Injection aka Excel Macro Injection or Formula Injection exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export...
Pegasystem PEGA Platform Access Control Vulnerability
Pegasystem PEGA Platform is a suite of application development platforms from Pegasystem UK. The platform is used to develop applications for BPM Business Process Management, Case Management, Real Time Decision Making and CRM Customer Relationship Management. A security vulnerability exists in th...
Weblate: CSV Injection with the CVS export feature - Glossary
Hi, The "Download as a CSV" feature of Weblate does not properly "escape" fields. Here is more information about this issue: http://www.contextis.com/resources/blog/comma-separated-vulnerabilities/ Here is one method to reproduce this issue: 1 I can add new information in Glossary with a name...
Gratipay: CSV injection in gratipay.com via payment history export feature.
I discovered this issues thanks to Matt who pointed out that the participant's name is directly placed into a CSV file: https://github.com/gratipay/gratipay.com/issues/4399issuecomment-292250609 Summary --- Gratipay allows users to export payment history as a .csv file. By injecting a payload int...
UBUNTU-CVE-2016-6611
An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...
HackerOne: Partial disclosure of report activity through new "Export as .zip" feature
Hello Team, I noticed a new feature has been launched, which allows to export report. Great feature. But unfortunately it discloses comments of partially disclosed reports which supposed to be hidden.. POC: Go to this partially disclosed report https://hackerone.com/reports/██████████ Click Expor...
UDAdmin.exe tool has been enhanced for better reporting and exporting of User Device License usage
Question: How to check license usage in Xendesktop/Xenapp with the enhanced UDAdmin.exe tool for reporting and monitoring? Answer: With License Server 11.14.0.1 Build 23101, some enhancements have been made to the UDAdmin command for better reporting of User Device License usage. The enhancements...
MGASA-2016-0291 Updated phpmyadmin packages fix security vulnerability
In phpMyAdmin before 4.4.15.8, the decryption of the username/password is vulnerable to a padding oracle attack. The can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Also, the same initialization vector IV is used to hash the username and...