Falhas do tipo CWE-1236
171 resultadosCVE-2025-11498MEDIUMCSV Formula Injection VulnerabilityEPSS 0.3%CVE-2025-14229MEDIUMSourceCodester Inventory Management System SVC Report Export csv injectionEPSS 0.3%CVE-2025-9241MEDIUMelunez eladmin exportUser csv injectionEPSS 0.3%CVE-2025-51735HIGHCSV formula injection vulnerability in HCL Technologies Ltd. Unica 12.0.0.EPSS 0.3%CVE-2025-8767MEDIUMAnWP Football Leagues <= 0.16.17 - Authenticated (Administrator+) CSV InjectionEPSS 0.3%CVE-2025-12249MEDIUMAxosoft Scrum and Bug Tracking Edit Ticket csv injectionEPSS 0.3%CVE-2023-25611MEDIUMA improper neutralization of formula elements in a CSV file vulnerability in Fortinet FortiAnalyzer 6.4.0 - 6.4.9, 7.0.0 - 7.0.5, and 7.2.0 EPSS 0.3%CVE-2025-11576MEDIUMAI Chatbot Free Models – Customer Support, Live Chat, Virtual Assistant <= 1.6.5 - Unauthenticated CSV InjectionEPSS 0.3%CVE-2025-66834HIGHA CSV Formula Injection vulnerability in TrueConf Server v5.5.2.10813 allows a normal user to inject malicious spreadsheet formulas into expEPSS 0.3%CVE-2025-8808MEDIUMxujeff tianti 天梯 com.jeff.tianti.controller save exportOrder csv injectionEPSS 0.3%CVE-2025-67851MEDIUMMoodle: moodle: formula injection allows arbitrary formula execution via unescaped data exportEPSS 0.3%CVE-2024-28764MEDIUMIBM WebSphere Automation CSV injectionEPSS 0.2%CVE-2026-10248MEDIUMSourceCodester Pharmacy Sales and Inventory System Supplier Creation export create_supplier csv injectionEPSS 0.2%CVE-2025-13133MEDIUMSimple User Import Export <= 1.1.7 - Authenticated (Admin+) CSV InjectionEPSS 0.2%CVE-2026-47693MEDIUMPoweradmin: CSV Injection in log export endpoints allows formula execution in spreadsheet applicationsEPSS 0.2%CVE-2026-27644MEDIUMtraccar allows CSV formula injection via exported position dataEPSS 0.2%CVE-2025-52386MEDIUMCycloneDX Sunshine v0.9 is vulnerable to CSV Formula Injection via a crafted JSON fileEPSS 0.2%CVE-2025-54752MEDIUMMultiple versions of PowerCMS improperly neutralize formula elements in a CSV file. If a product user creates a malformed entry and a victiEPSS 0.2%CVE-2025-6838MEDIUMBroken Link Notifier <= 1.3.0 - Authenticated (Contributor+) CSV InjectionEPSS 0.2%CVE-2025-35033MEDIUMMedical Informatics Engineering Enterprise Health CSV injectionEPSS 0.2%