Vulnerabilities > Phpoffice

DATE CVE VULNERABILITY TITLE RISK
2024-10-07 CVE-2024-45060 Cross-site Scripting vulnerability in PHPoffice PHPspreadsheet
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files.
network
low complexity
phpoffice CWE-79
6.1
6.1
2024-10-07 CVE-2024-45290 Absolute Path Traversal vulnerability in PHPoffice PHPspreadsheet
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files.
network
low complexity
phpoffice CWE-36
7.5
7.5
2024-10-07 CVE-2024-45291 Server-Side Request Forgery (SSRF) vulnerability in PHPoffice PHPspreadsheet
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files.
network
low complexity
phpoffice CWE-918
8.8
8.8
2024-08-28 CVE-2024-45046 Cross-site Scripting vulnerability in PHPoffice PHPspreadsheet
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files.
network
low complexity
phpoffice CWE-79
5.4
5.4
2024-08-28 CVE-2024-45048 XXE vulnerability in PHPoffice PHPspreadsheet
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files.
network
low complexity
phpoffice CWE-611
6.5
6.5
2020-12-09 CVE-2020-7776 Cross-site Scripting vulnerability in PHPoffice PHPspreadsheet
This affects the package phpoffice/phpspreadsheet from 0.0.0.
network
low complexity
phpoffice CWE-79
6.4
6.4
2019-11-07 CVE-2019-12331 XXE vulnerability in PHPoffice PHPspreadsheet
PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue.
network
low complexity
phpoffice CWE-611
8.8
8.8
2018-11-14 CVE-2018-19277 XML Injection (aka Blind XPath Injection) vulnerability in PHPoffice PHPspreadsheet
securityScan() in PHPOffice PhpSpreadsheet through 1.5.0 allows a bypass of protection mechanisms for XXE via UTF-7 encoding in a .xlsx file
network
low complexity
phpoffice CWE-91
8.8
8.8