Vulnerabilities > Improper Neutralization of Formula Elements in a CSV File
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-05 | CVE-2023-33410 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Minical 1.0.0 Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to execute remote code. | 8.8 |
| 2023-05-02 | CVE-2023-29918 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Rosariosis 10.8.4 RosarioSIS 10.8.4 is vulnerable to CSV injection via the Periods Module. | 5.4 |
| 2023-04-25 | CVE-2023-25348 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Churchcrm 4.5.3 ChurchCRM 4.5.3 was discovered to contain a CSV injection vulnerability via the Last Name and First Name input fields when creating a new person. | 7.8 |
| 2023-03-07 | CVE-2023-25611 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Fortinet Fortianalyzer A improper neutralization of formula elements in a CSV file vulnerability in Fortinet FortiAnalyzer 6.4.0 - 6.4.9, 7.0.0 - 7.0.5, and 7.2.0 - 7.2.1 allows local attacker to execute unauthorized code or commands via inserting spreadsheet formulas in macro names. | 7.3 |
| 2023-01-01 | CVE-2022-37786 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Wecube-Platform Project Wecube-Platform 3.2.2 An issue was discovered in WeCube Platform 3.2.2. | 6.3 |
| 2022-11-29 | CVE-2022-4034 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Dwbooster Appointment Hour Booking The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.3.72. | 7.8 |
| 2022-11-21 | CVE-2022-44830 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Event Registration Application Project Event Registration Application 1.0 Sourcecodester Event Registration App v1.0 was discovered to contain multiple CSV injection vulnerabilities via the First Name, Contact and Remarks fields. | 7.8 |
| 2022-11-17 | CVE-2022-41791 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Metagauss Profilegrid Auth. | 8.8 |
| 2022-11-03 | CVE-2022-22425 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Infosphere Information Server 11.7 "IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. | 9.8 |
| 2022-10-31 | CVE-2022-40294 | Improper Neutralization of Formula Elements in a CSV File vulnerability in PHPpointofsale PHP Point of Sale 19.0 The application was identified to have an CSV injection in data export functionality, allowing for malicious code to be embedded within export data and then triggered in exported data viewers. | 8.8 |