Vulnerabilities > Improper Neutralization of Formula Elements in a CSV File
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-06 | CVE-2020-25170 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Bbraun Onlinesuite Application Package An Excel Macro Injection vulnerability exists in the export feature in the B. | 6.8 |
| 2020-11-05 | CVE-2020-26507 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Marmind 4.1.141.0 A CSV Injection (also known as Formula Injection) vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. | 9.3 |
| 2020-11-05 | CVE-2020-25398 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Mind Imind Server 3.13.65 CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality. | 6.8 |
| 2020-11-04 | CVE-2020-22274 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Jomsocial 4.7.6 JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile. | 7.5 |
| 2020-11-04 | CVE-2020-22278 | Improper Neutralization of Formula Elements in a CSV File vulnerability in PHPmyadmin phpMyAdmin through 5.0.2 allows CSV injection via Export Section. | 8.8 |
| 2020-11-04 | CVE-2020-22277 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Codection Import and Export Users and Customers Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via a customer's profile. | 8.0 |
| 2020-11-04 | CVE-2020-22276 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Weformspro Weforms 1.4.7 WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry. | 7.5 |
| 2020-10-28 | CVE-2020-24707 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Getgophish Gophish Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content. | 9.3 |
| 2020-10-16 | CVE-2020-15255 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Anuko Time Tracker In Anuko Time Tracker before verion 1.19.23.5325, due to not properly filtered user input a CSV export of a report could contain cells that are treated as formulas by spreadsheet software (for example, when a cell value starts with an equal sign). | 6.0 |
| 2020-09-22 | CVE-2020-14026 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Ozeki NG SMS Gateway CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the Export Of Contacts feature in Ozeki NG SMS Gateway through 4.17.6 via a value that is mishandled in a CSV export. | 9.3 |