Vulnerabilities > Improper Neutralization of Formula Elements in a CSV File
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-17 | CVE-2022-2112 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Inventree Project Inventree Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2. | 8.8 |
| 2022-06-13 | CVE-2022-1202 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Usabilitydynamics Wp-Crm 1.2.1 The WP-CRM WordPress plugin through 1.2.1 does not validate and sanitise fields when exporting people to a CSV file, leading to a CSV injection vulnerability. | 6.8 |
| 2022-06-09 | CVE-2022-2027 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Kromit Titra Improper Neutralization of Formula Elements in a CSV File in GitHub repository kromitgmbh/titra prior to 0.77.0. | 3.5 |
| 2022-06-07 | CVE-2020-36531 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Sevone Network Performance Management A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. | 6.0 |
| 2022-06-02 | CVE-2022-26867 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Dell Powerstoreos PowerStore SW v2.1.1.0 supports the option to export data to either a CSV or an XLSX file. | 6.0 |
| 2022-05-01 | CVE-2022-28481 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Csv-Safe Project Csv-Safe CSV-Safe gem < 3.0.0 doesn't filter out special characters which could trigger CSV Injection. | 7.5 |
| 2022-05-01 | CVE-2022-1544 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Luya Yii-Helpers Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. | 6.8 |
| 2022-04-19 | CVE-2022-29315 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Invicti Acunetix Invicti Acunetix before 14 allows CSV injection via the Description field on the Add Targets page, if the Export CSV feature is used. | 9.3 |
| 2022-04-18 | CVE-2021-23286 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Eaton Intelligent Power Manager Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) version 1.5.0plus205 and all prior versions are vulnerable to CSV Formula Injection. | 8.0 |
| 2022-04-14 | CVE-2021-43257 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Mantisbt Lack of Neutralization of Formula Elements in the CSV API of MantisBT before 2.25.3 allows an unprivileged attacker to execute code or gain access to information when a user opens the csv_export.php generated CSV file in Excel. | 6.0 |