Vulnerabilities > Improper Neutralization of Formula Elements in a CSV File
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-29 | CVE-2022-4034 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Dwbooster Appointment Hour Booking The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.3.72. | 7.8 |
| 2022-11-21 | CVE-2022-44830 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Event Registration Application Project Event Registration Application 1.0 Sourcecodester Event Registration App v1.0 was discovered to contain multiple CSV injection vulnerabilities via the First Name, Contact and Remarks fields. | 7.8 |
| 2022-11-17 | CVE-2022-41791 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Metagauss Profilegrid Auth. | 8.8 |
| 2022-11-03 | CVE-2022-22425 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Infosphere Information Server 11.7 "IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. | 9.8 |
| 2022-10-31 | CVE-2022-40294 | Improper Neutralization of Formula Elements in a CSV File vulnerability in PHPpointofsale PHP Point of Sale 19.0 The application was identified to have an CSV injection in data export functionality, allowing for malicious code to be embedded within export data and then triggered in exported data viewers. | 8.8 |
| 2022-09-29 | CVE-2022-40472 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Zktec Zkbio Time 8.0.7 ZKTeco Xiamen Information Technology ZKBio Time 8.0.7 Build: 20220721.14829 was discovered to contain a CSV injection vulnerability. | 8.0 |
| 2022-09-23 | CVE-2022-38061 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Apasionados Export Post Info Authenticated (author+) CSV Injection vulnerability in Export Post Info plugin <= 1.2.0 at WordPress. | 5.7 |
| 2022-09-16 | CVE-2022-38844 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Espocrm 7.1.8 CSV Injection in Create Contacts in EspoCRM 7.1.8 allows remote authenticated users to run system commands via creating contacts with payloads capable of executing system commands. | 8.0 |
| 2022-09-06 | CVE-2022-2429 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Ultimatesmsnotifications Ultimate SMS Notifications for Woocommerce 1.4.1 The Ultimate SMS Notifications for WooCommerce plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.1 via the 'Export Utility' functionality. | 8.0 |
| 2022-09-06 | CVE-2022-3026 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Wp-Users-Exporter Project Wp-Users-Exporter 1.4.2 The WP Users Exporter plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.2 via the 'Export Users' functionality. | 8.8 |