Vulnerabilities > Improper Neutralization of Formula Elements in a CSV File
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-03 | CVE-2021-27839 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Bigprof Online Invoicing System A CSV injection vulnerability found in Online Invoicing System (OIS) 4.3 and below can be exploited by users to perform malicious actions such as redirecting admins to unknown or harmful websites, or disclosing other clients' details that the user did not have access to. | 4.4 |
| 2021-02-26 | CVE-2021-21302 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Prestashop PrestaShop is a fully scalable open source e-commerce solution. | 7.2 |
| 2021-02-06 | CVE-2020-9205 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Huawei Manageone 8.0.1 There has a CSV injection vulnerability in ManageOne 8.0.1. | 4.9 |
| 2021-01-26 | CVE-2021-3188 | Improper Neutralization of Formula Elements in a CSV File vulnerability in PHPlist 3.6.0 phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports. | 9.8 |
| 2020-12-24 | CVE-2020-9200 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Huawei Imanager Neteco 6000 V600R021C00 There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. | 7.8 |
| 2020-12-21 | CVE-2019-16959 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Solarwinds Webhelpdesk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known as Formula Injection, via a file attached to a ticket. | 6.5 |
| 2020-12-14 | CVE-2020-28861 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Openasset Digital Asset Management OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier failed to implement access controls on /Stream/ProjectsCSV endpoint, allowing unauthenticated attackers to gain access to potentially sensitive project information stored by the application. | 5.3 |
| 2020-12-11 | CVE-2020-4633 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0 IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbitrary code on the system, caused by formula injection due to improper input validation. | 8.8 |
| 2020-11-30 | CVE-2020-4627 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Cloud PAK for Security 1.3.0.1 IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection. | 9.0 |
| 2020-11-20 | CVE-2020-28845 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Netskope 75.0 A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated user to inject malicious payload in admin's portal thus leads to compromise admin's system. | 7.8 |