63 matches found
CSV Injection
Ghost is vulnerable to CSV Injection. The vulnerability is due to inadequate input sanitization during member CSV export, allowing malicious content to be injected into CSV files, and executed when opened by a spreadsheet application...
Contact Form Entries < 1.3.0 - CSV Injection
The plugin does not validate data when it is output in a CSV file, which could lead to CSV injection. - Submit a form using Contact Form 7, Ninja Forms, Elementor Forms or WP Forms using =5+5 as the value - Export the data as CSV /wp-admin/admin.php?page=vxcfleads - Open the CSV with a spreadsheet...
FluentForm < 4.3.13 - CSV Injection
The plugin does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection PoC - As unauthenticated, submit a form using =5+5 as value in any field - As admin, export the data as CSV /wp-admin/admin.php?page=fluentforms&formid=1&route=entries - open the CSV with a...
Easy Digital Downloads < 3.1.0.2 - Unauthenticated CSV Injection
The plugin does not validate data when it is output in a CSV file, which could lead to CSV injection. - Submit an order using =5+5 as "first name" and an empty "last name" (the plugin allows that). - Export the data as CSV from Reports Export. - Open the CSV with a spreadsheet application (Excel, Libre...
Mobile Events Manager < 1.4.8 - Admin+ CSV Injection
The plugin does not properly escape the Enquiry source field when exporting events, or the Paid for field when exporting transactions as CSV, leading to a CSV injection vulnerability. PoC Export events with malicious CSV: 1. Create and save a new Enquiry source and add the following in the name...
CVE-2021-38424
The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an attacker injecting formulas into the tag data. Those formulas may then be executed when it is opened with a spreadsheet application...
CVE-2021-22153
A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM versions 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially cause the spreadsheet application to run commands on the victim’s local machine with the authority of th...
SilverStripe CMS 3.6.2 - CSV Excel Macro Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: SilverStripe CMS - 3.6.2 CSV Excel Macro Injection Vendor Homepage: https://www.silverstripe.org/ Software Link: https://www.silverstripe.org/download Discovered by: Ishaq Mohammed Contact: https://twitter.com/securityprince...
Microsoft Excel Sheet Name Memory Corruption - Ver2 (CVE-2007-3490)
Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formulae, and various data sources. The proprietary file format used for storing Microsoft Excel documents ...
Microsoft Excel SxView Record Parsing Memory Corruption (MS10-038) - Ver2 (CVE-2010-0821)
Microsoft Excel is a spreadsheet application released by the Microsoft Corporation. Its native file format is the Binary Interchange File Format (BIFF), which is available in several versions. An Excel file contains information about the various spreadsheets that form an Excel workbook, the data an...
Microsoft Excel REPT Function Integer Overflow (MS08-057) - Ver2 (CVE-2008-4019)
Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formula, and various data sources. The common extension used for Microsoft Excel documents is .xls, .xlsx a...
Microsoft Excel HFPicture Record Stack Overflow (MS10-038) - Ver2 (CVE-2010-1248)
Microsoft Excel is a popular spreadsheet application. A stack overflow vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this flaw by...