Lucene search
K

8 matches found

OSV
OSV
added 2023/05/11 8:41 p.m.15 views

GHSA-MQ3X-QGWX-3RFW Embedding untrusted input inside CSV files leads to Formula Injection/CSV Injection

Impact The pimcore application is vulnerable to Formula Injection/CSV Injection via the Firstname, Lastname, Street, Zip & City input fields. These vulnerabilities allow unauthenticated attackers to execute arbitrary code via a crafted excel file. Successful exploitation can lead to impacts such ...

7.8CVSS7.1AI score0.00406EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2023/05/11 8:41 p.m.24 views

Embedding untrusted input inside CSV files leads to Formula Injection/CSV Injection

Impact The pimcore application is vulnerable to Formula Injection/CSV Injection via the Firstname, Lastname, Street, Zip & City input fields. These vulnerabilities allow unauthenticated attackers to execute arbitrary code via a crafted excel file. Successful exploitation can lead to impacts such ...

7.8CVSS7.9AI score0.00406EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/05/03 12:0 a.m.16 views

GHSA-F9P3-H6CG-2CJR Improper neutralization of formula elements in yii-helpers

Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained...

7.8CVSS7.9AI score0.0234EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/05/03 12:0 a.m.21 views

Improper neutralization of formula elements in yii-helpers

Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained...

8CVSS3.6AI score0.0234EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2022/05/01 12:15 p.m.17 views

CVE-2022-1544

Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained...

8CVSS0.0234EPSS
Exploits1References2
Prion
Prion
added 2022/05/01 12:15 p.m.12 views

Command injection

Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained...

6.8CVSS8AI score0.0234EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/05/01 11:45 a.m.21 views

CVE-2022-1544 Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in luyadev/yii-helpers

Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained...

8CVSS8.2AI score0.0234EPSS
Exploits1References2
OSV
OSV
added 2022/05/01 11:45 a.m.16 views

CVE-2022-1544 Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in luyadev/yii-helpers

Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained...

8CVSS8.2AI score0.0234EPSS
Exploits1References4
Rows per page
Query Builder