CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2021-05-13
Medium
CVE-2021-22153

Vendor: Blackberry
Software: Unified endp...
 

 

 
2021-04-27
Medium
CVE-2021-29667

Updating...
 

 
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 199403.

 
2021-04-08
Waiting for details
CVE-2021-1475

Updating...
 

 
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

 
Waiting for details
CVE-2021-1474

Updating...
 

 
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

 
2021-03-03
Medium
CVE-2021-27839

Vendor: Bigprof
Software: Online invoi...
 

 
A CSV injection vulnerability found in Online Invoicing System (OIS) 4.3 and below can be exploited by users to perform malicious actions such as redirecting admins to unknown or harmful websites, or disclosing other clients' details that the user did not have access to.

 
2021-02-26
Medium
CVE-2021-21302

Vendor: Prestashop
Software: Prestashop
 

 
PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 there is a CSV Injection vulnerability possible by using shop search keywords via the admin panel. The problem is fixed in 1.7.7.2

 
2021-02-19
Medium
CVE-2020-19513

Vendor: Aida64
Software: Aida64
 

 
Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers to execute arbitrary code by creating a crafted input that will overwrite the SEH handler.

 
2021-02-06
Low
CVE-2020-9205

Vendor: Huawei
Software: Manageone
 

 
There has a CSV injection vulnerability in ManageOne 8.0.1. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device.

 
2021-01-26
High
CVE-2021-3188

Vendor: Phplist
Software: Phplist
 

 
phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports.

 
2020-12-24
Medium
CVE-2020-9200

Vendor: Huawei
Software: Imanager net...
 

 
There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device.

 

 


Copyright 2021, cxsecurity.com

 

Back to Top