6 matches found
EUVD-2023-49889
Malicious code in bioql PyPI...
CVE-2023-45597
A CWE-1236 “Improper Neutralization of Formula Elements in a CSV File” vulnerability in the “fileconfiguration” functionality of the web application concerning the function “exportfile” allows a remote authenticated attacker to inject arbitrary formulas inside generated CSV files. This issue...
CVE-2023-45597
The CVE-2023-45597 entry describes a CWE-1236 vulnerability in the AiLux imx6 bundle, specifically in the file_configuration/export_file function. An authenticated, remote attacker can inject arbitrary formulas into generated CSV files due to improper neutralization of formula elements in CSV out...
CVE-2023-45597
A CWE-1236 “Improper Neutralization of Formula Elements in a CSV File” vulnerability in the “fileconfiguration” functionality of the web application concerning the function “exportfile” allows a remote authenticated attacker to inject arbitrary formulas inside generated CSV files. This issue...
CVE-2023-45596
The CVE-2023-45596 issue affects AiLux imx6 bundle prior to version imx6_1.0.7-2. A CWE-425 Direct Request/Forced Browsing vulnerability in the web app’s file_configuration functionality allows remote unauthenticated access to confidential configuration files. Root cause: missing/weak authorizati...
CVE-2023-45595
A CWE-434 “Unrestricted Upload of File with Dangerous Type” vulnerability in the “fileconfiguration” functionality of the web application allows a remote authenticated attacker to upload any arbitrary type of file into the device. This issue affects: AiLux imx6 bundle below version imx61.0.7-2...