Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1236

CWE-1236

Improper Neutralization of Formula Elements in a CSV File

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by a spreadsheet product.

283 vulnerabilities with CWE-1236

CVE-2023-29918 MEDIUM

RosarioSIS 10.8.4 - Code Injection

CVE-2023-25348 HIGH

ChurchCRM 4.5.3 - Code Injection

CVE-2023-2258 HIGH

GitHub alfio-event/alf.io <2.0-M4-2304 - Info Disclosure

CVE-2023-29109 MEDIUM

SAP Application Interface Framework - Code Injection

CVE-2023-25611 MEDIUM

Fortinet FortiAnalyzer <7.2.1 - Code Injection

CVE-2022-3604 HIGH

Contact Form Entries <1.3.0 - Code Injection

CVE-2022-44738 MEDIUM

Patrick Robrecht Posts and Users Stats <1.1.3 - Info Disclosure

CVE-2022-42882 MEDIUM

Shambix Simple CSV/XLS Exporter <1.5.8 - Info Disclosure

CVE-2022-41616 HIGH

Kaushik Kalathiya Export Users Data CSV - Info Disclosure

CVE-2022-38702 MEDIUM

Nakashima Masahiro WP CSV Exporter <2.0 - Info Disclosure

CVE-2022-46821 MEDIUM

Jackmail <1.2.22 - Info Disclosure

CVE-2022-46809 MEDIUM

WPDeveloper ReviewX - XSS

CVE-2022-46804 MEDIUM

Narola Infotech Solutions LLP <1.3 - Info Disclosure

CVE-2022-46803 MEDIUM

Noptin Newsletter <1.9.5 - Info Disclosure

CVE-2022-46801 MEDIUM

Paul Ryley Site Reviews <6.2.0 - Info Disclosure

CVE-2022-45810 MEDIUM

Icegram Express <5.5.2 - Info Disclosure

CVE-2022-45370 MEDIUM

WebToffee WordPress Comments Import & Export <2.3.1 - Info Disclosure

CVE-2022-45360 MEDIUM

Commenter Emails <2.6.1 - Info Disclosure

CVE-2022-45348 MEDIUM

anmari amr <4.59.4 - Info Disclosure

CVE-2022-45078 MEDIUM

Solwin Infotech User Blocker <1.5.5 - Info Disclosure

CVE-2022-46802 MEDIUM

WebToffee Product Reviews Import Export <1.4.8 - Info Disclosure

CVE-2022-45357 MEDIUM

Lenderd 1003 Mortgage Application - Info Disclosure

CVE-2022-47442 MEDIUM

UsersWP <1.2.3.9 - Info Disclosure

CVE-2022-45350 MEDIUM

Simple History <3.3.1 - CSV Injection

CVE-2022-28864 HIGH

Nokia NetAct 22 - Code Injection

Previous Page 5 of 12 Next

Details

Vulnerabilities 283

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy