Vulnerabilities > Improper Neutralization of Formula Elements in a CSV File
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-24 | CVE-2022-28864 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Nokia Netact 22.0.0.62 An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section. | 8.8 |
| 2023-07-18 | CVE-2023-3527 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Avaya Call Management System 17.0/18.0.0.1/18.0.0.2 A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which allows a user with administrative privileges to input crafted data which, when exported to a CSV file, may attempt arbitrary command execution on the system used to open the file by a spreadsheet software such as Microsoft Excel. | 6.8 |
| 2023-07-10 | CVE-2023-28958 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Watson Knowledge Catalog on Cloud PAK for Data 4.0 IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is potentially vulnerable to CSV Injection. | 7.8 |
| 2023-06-29 | CVE-2022-46408 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Ericsson Network Manager 21.2 Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlinks. | 6.8 |
| 2023-06-22 | CVE-2023-31867 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Sage X3 12.14.0.500 Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection. | 7.2 |
| 2023-06-05 | CVE-2023-33410 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Minical 1.0.0 Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to execute remote code. | 8.8 |
| 2023-05-02 | CVE-2023-29918 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Rosariosis 10.8.4 RosarioSIS 10.8.4 is vulnerable to CSV injection via the Periods Module. | 5.4 |
| 2023-04-25 | CVE-2023-25348 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Churchcrm 4.5.3 ChurchCRM 4.5.3 was discovered to contain a CSV injection vulnerability via the Last Name and First Name input fields when creating a new person. | 7.8 |
| 2023-03-07 | CVE-2023-25611 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Fortinet Fortianalyzer A improper neutralization of formula elements in a CSV file vulnerability in Fortinet FortiAnalyzer 6.4.0 - 6.4.9, 7.0.0 - 7.0.5, and 7.2.0 - 7.2.1 allows local attacker to execute unauthorized code or commands via inserting spreadsheet formulas in macro names. | 7.3 |
| 2023-01-01 | CVE-2022-37786 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Wecube-Platform Project Wecube-Platform 3.2.2 An issue was discovered in WeCube Platform 3.2.2. | 6.3 |