Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1236

CWE-1236

Improper Neutralization of Formula Elements in a CSV File

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by a spreadsheet product.

283 vulnerabilities with CWE-1236

CVE-2025-8808 MEDIUM

xujeff tianti <2.3 - CSV Injection

CVE-2025-50572 HIGH

Archer 6.11.00204.10014 - RCE

CVE-2025-54752 MEDIUM

PowerCMS - Code Injection

CVE-2025-6838 MEDIUM

Broken Link Notifier <1.3.0 - Code Injection

CVE-2025-7061 LOW

Intelbras InControl <2.21.60.9 - CSV Injection

CVE-2025-1421 LOW

Konsola Proget <2.17.5 - Info Disclosure

CVE-2025-4546 MEDIUM

1Panel-dev MaxKB <1.10.7 - CSV Injection

CVE-2025-1836 MEDIUM

Incorta 2023.4.3 - Code Injection

CVE-2024-55532 CRITICAL

Apache Ranger <2.6.0 - Info Disclosure

CVE-2024-45084 HIGH

IBM Cognos Controller <11.0.2 - Command Injection

CVE-2024-47572 CRITICAL

Fortinet FortiSOAR <7.4.1 - Code Injection

CVE-2024-22063 HIGH

ZTE ZENIC ONE R58 - Command Injection

CVE-2024-9102 MEDIUM

phpLDAPadmin <1.2.6.7 - CSV Formula Injection

CVE-2024-53921 LOW

Samsung Magician 8.1.0 - Path Traversal

CVE-2024-53260 MEDIUM

Autolab - Info Disclosure

CVE-2024-53555 HIGH

Taiga <6.8.1 - Code Injection

CVE-2024-51094 HIGH

Snipe-IT <7.0.13 - Privilege Escalation

CVE-2024-47485 CRITICAL

HikCentral Master Lite - Code Injection

CVE-2024-27321 HIGH

Refuel Autolabel <0.0.8 - RCE

CVE-2024-27320 HIGH

Refuel Autolabel <0.0.8 - RCE

CVE-2024-41226 HIGH

Automation Anywhere Automation 360 <21094 - Code Injection

CVE-2024-3232 HIGH

Tenable Identity Exposure - Code Injection

CVE-2024-27785 MEDIUM

Fortinet FortiAIOps <2.0.0 - RCE

CVE-2024-28764 MEDIUM

IBM WebSphere Automation 1.7.0 - Command Injection

CVE-2024-3214 MEDIUM

Relevanssi - A Better Search <4.22.1 - Code Injection

Previous Page 2 of 12 Next

Details

Vulnerabilities 283

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy