Total: 176 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-26867 | 1 Dell | 3 Powerstore T, Powerstore X, Powerstoreos | 2023-12-10 | 6.0 MEDIUM | 8.0 HIGH |
PowerStore SW v2.1.1.0 supports the option to export data to either a CSV or an XLSX file. The data is taken as is, without any validation or sanitization. It allows a malicious, authenticated user to inject payloads that might get interpreted as formulas by the corresponding spreadsheet application that is being used to open the CSV/XLSX file. | |||||
CVE-2022-1544 | 1 Luya | 1 Yii-helpers | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-side command injection, code execution, or remote exfiltration of contained confidential data. | |||||
CVE-2022-24770 | 1 Gradio Project | 1 Gradio | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
`gradio` is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, `gradio` suffers from Improper Neutralization of Formula Elements in a CSV File. The `gradio` library has a flagging functionality which saves input/output data into a CSV file on the developer's computer. This can allow a user to save arbitrary text into the CSV file, such as commands. If a program like MS Excel opens such a file, then it automatically runs these commands, which could lead to arbitrary commands running on the user's computer. The problem has been patched as of `2.8.11`, which escapes the saved csv with single quotes. As a workaround, avoid opening csv files generated by `gradio` with Excel or similar spreadsheet programs. | |||||
CVE-2021-43515 | 1 Kimai | 1 Kimai | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
CSV Injection (aka Excel Macro Injection or Formula Injection) exists when creating a new timesheet in Kimai. By filling the Description field with a malicious payload, it will be mistreated when exported to a CSV file. | |||||
CVE-2022-2027 | 1 Kromit | 1 Titra | 2023-12-10 | 3.5 LOW | 8.0 HIGH |
Improper Neutralization of Formula Elements in a CSV File in GitHub repository kromitgmbh/titra prior to 0.77.0. | |||||
CVE-2021-23286 | 1 Eaton | 1 Intelligent Power Manager | 2023-12-10 | 7.9 HIGH | 8.0 HIGH |
Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to CSV Formula Injection. This issue affects Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions. | |||||
CVE-2020-36503 | 1 Connections-pro | 1 Connections Business Directory | 2023-12-10 | 6.0 MEDIUM | 8.0 HIGH |
The Connections Business Directory WordPress plugin before 9.7 does not validate or sanitise some connections' fields, which could lead to a CSV injection issue. | |||||
CVE-2022-22689 | 1 Broadcom | 1 Ca Harvest Software Change Manager | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
CA Harvest Software Change Manager versions 13.0.3, 13.0.4, 14.0.0, and 14.0.1, contain a vulnerability in the CSV export functionality, due to insufficient input validation, that can allow a privileged user to potentially execute arbitrary code or commands. | |||||
CVE-2021-25960 | 1 Salesagility | 1 Suitecrm | 2023-12-10 | 6.0 MEDIUM | 8.0 HIGH |
In the “SuiteCRM” application, v7.11.18 through v7.11.19 and v7.10.29 through v7.10.31 are affected by a “CSV Injection” vulnerability (Formula Injection). A low privileged attacker can use the accounts module to inject payloads in the input fields. When an administrator accesses the accounts module to export the data as a CSV file and opens it, the payload gets executed. This was not fixed properly as part of CVE-2020-15301, allowing the attacker to bypass the security measure. | |||||
CVE-2021-25962 | 1 Shuup | 1 Shuup | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
“Shuup” application in versions 0.4.2 to 2.10.8 is affected by the “Formula Injection” vulnerability. A customer can inject payloads in the name input field in the billing address while buying a product. When a store administrator accesses the reports page to export the data as an Excel file and opens it, the payload gets executed. | |||||
CVE-2021-41270 | 2 Fedoraproject, Sensiolabs | 2 Fedora, Symfony | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula injection. In Symfony 4.1, maintainers added the opt-in `csv_escape_formulas` option in the `CsvEncoder`, to prefix all cells starting with `=`, `+`, `-` or `@` with a tab `\t`. Since then, OWASP added 2 chars in that list: Tab (0x09) and Carriage return (0x0D). This makes the previous prefix char (Tab `\t`) part of the vulnerable characters, and OWASP suggests using the single quote `'` for prefixing the value. Starting with versions 4.4.34 and 5.3.12, Symfony now follows the OWASP recommendations and uses the single quote `'` to prefix formulas and add the prefix to cells starting by `\t`, `\r` as well as `=`, `+`, `-` and `@`. | |||||
CVE-2021-38180 | 1 Sap | 1 Business One | 2023-12-10 | 9.3 HIGH | 9.8 CRITICAL |
SAP Business One version 10.0 allows an attacker to inject formulas when exporting data to Excel (CSV injection) due to improper sanitization during the data export. An attacker could thereby execute arbitrary commands on the victim's computer, but only if the victim allows macros to execute while opening the file and the security settings of Excel allow for command execution. | |||||
CVE-2021-41824 | 1 Craftcms | 1 Craft Cms | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Craft CMS before 3.7.14 allows CSV injection. | |||||
CVE-2021-36334 | 1 Dell | 1 Emc Cloud Link | 2023-12-10 | 6.0 MEDIUM | 6.8 MEDIUM |
Dell EMC CloudLink 7.1 and all prior versions contain a CSV Formula Injection vulnerability. A remote high privileged attacker may potentially exploit this vulnerability, leading to arbitrary code execution on the end user's machine. | |||||
CVE-2021-37131 | 1 Huawei | 3 Imanager Neteco, Imanager Neteco 6000, Manageone | 2023-12-10 | 6.0 MEDIUM | 6.8 MEDIUM |
There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject content into CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files into the target device. | |||||
CVE-2022-22121 | 1 Xgenecloud | 1 Nocodb | 2023-12-10 | 6.0 MEDIUM | 8.0 HIGH |
In NocoDB, versions 0.81.0 through 0.83.8 are affected by a CSV Injection vulnerability (Formula Injection). A low privileged attacker can create a new table to inject payloads in the table rows. When an administrator accesses the User Management endpoint, exports the data as a CSV file and opens it, the payload gets executed. | |||||
CVE-2021-38424 | 1 Deltaww | 1 Dialink | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an attacker injecting formulas into the tag data. Those formulas may then be executed when the exported data is opened with a spreadsheet application. | |||||
CVE-2021-23654 | 1 Html-to-csv Project | 1 Html-to-csv | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
This affects all versions of package html-to-csv. When there is a formula embedded in an HTML page, it gets accepted without any validation and is pushed through unchanged when converting it into a CSV file. Through this a malicious actor can embed or generate a malicious link or execute commands via CSV files. | |||||
CVE-2021-24016 | 1 Fortinet | 1 Fortimanager | 2023-12-10 | 9.3 HIGH | 6.3 MEDIUM |
An improper neutralization of formula elements in a CSV file in Fortinet FortiManager version 6.4.3 and below and 6.2.7 and below allows an attacker to execute arbitrary commands via a crafted IPv4 field in a policy name, when exported as an Excel file and opened unsafely on the victim host. | |||||
CVE-2021-40848 | 1 Mahara | 1 Mahara | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV injection. | |||||