Vulnerabilities > Improper Neutralization of Formula Elements in a CSV File
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-09 | CVE-2020-4759 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Filenet Content Manager 5.5.4/5.5.5 IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. | 7.8 |
| 2020-11-05 | CVE-2020-26507 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Marmind 4.1.141.0 A CSV Injection (also known as Formula Injection) vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. | 7.8 |
| 2020-11-05 | CVE-2020-25398 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Mind Imind Server 3.13.65 CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality. | 8.8 |
| 2020-11-04 | CVE-2020-22274 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Jomsocial 4.7.6 JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile. | 9.8 |
| 2020-11-04 | CVE-2020-22278 | Improper Neutralization of Formula Elements in a CSV File vulnerability in PHPmyadmin phpMyAdmin through 5.0.2 allows CSV injection via Export Section. | 8.8 |
| 2020-11-04 | CVE-2020-22277 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Codection Import and Export Users and Customers Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via a customer's profile. | 8.0 |
| 2020-11-04 | CVE-2020-22276 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Weformspro Weforms 1.4.7 WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry. | 9.8 |
| 2020-11-04 | CVE-2020-22275 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Easyregistrationforms Easy Registration Forms 2.0.6 Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an attacker to submit an entry with malicious CSV commands. | 8.8 |
| 2020-10-28 | CVE-2020-24707 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Getgophish Gophish Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content. | 7.8 |
| 2020-10-16 | CVE-2020-15255 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Anuko Time Tracker In Anuko Time Tracker before verion 1.19.23.5325, due to not properly filtered user input a CSV export of a report could contain cells that are treated as formulas by spreadsheet software (for example, when a cell value starts with an equal sign). | 7.3 |