Vulnerabilities > Improper Neutralization of Formula Elements in a CSV File
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-24 | CVE-2020-9200 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Huawei Imanager Neteco 6000 V600R021C00 There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. | 7.8 |
| 2020-12-21 | CVE-2019-16959 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Solarwinds Webhelpdesk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known as Formula Injection, via a file attached to a ticket. | 6.5 |
| 2020-12-14 | CVE-2020-28861 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Openasset Digital Asset Management OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier failed to implement access controls on /Stream/ProjectsCSV endpoint, allowing unauthenticated attackers to gain access to potentially sensitive project information stored by the application. | 5.3 |
| 2020-12-11 | CVE-2020-4633 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0 IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbitrary code on the system, caused by formula injection due to improper input validation. | 8.8 |
| 2020-11-30 | CVE-2020-4627 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Cloud PAK for Security 1.3.0.1 IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection. | 9.0 |
| 2020-11-20 | CVE-2020-28845 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Netskope 75.0 A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated user to inject malicious payload in admin's portal thus leads to compromise admin's system. | 7.8 |
| 2020-11-18 | CVE-2020-15301 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Salesagility Suitecrm SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts, Opportunities, and Leads modules. | 7.8 |
| 2020-11-09 | CVE-2020-4759 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Filenet Content Manager 5.5.4/5.5.5 IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. | 7.8 |
| 2020-11-05 | CVE-2020-26507 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Marmind 4.1.141.0 A CSV Injection (also known as Formula Injection) vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. | 7.8 |
| 2020-11-05 | CVE-2020-25398 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Mind Imind Server 3.13.65 CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality. | 8.8 |