Vulnerabilities > CVE-2018-10504 - Improper Neutralization of Formula Elements in a CSV File vulnerability in Web-Dorado Form Maker
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress allows CSV injection.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | WordPress Plugin Form Maker 1.12.20 - CSV Injection. CVE-2018-10504. Webapps exploit for PHP platform |
file | exploits/php/webapps/44559.txt |
id | EDB-ID:44559 |
last seen | 2018-05-24 |
modified | 2018-04-30 |
platform | php |
port | |
published | 2018-04-30 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/44559/ |
title | WordPress Plugin Form Maker 1.12.20 - CSV Injection |
type | webapps |
Packetstorm
data source | https://packetstormsecurity.com/files/download/147408/wpformmaker11220-inject.txt |
id | PACKETSTORM:147408 |
last seen | 2018-05-07 |
published | 2018-04-30 |
reporter | Jetty Sairam |
source | https://packetstormsecurity.com/files/147408/WordPress-Form-Maker-1.12.20-CSV-Injection.html |
title | WordPress Form Maker 1.12.20 CSV Injection |