Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-1236 — Vulnerability Class 125

125 vulnerabilities classified as CWE-1236. AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-39424 MaxKB has CSV Injection in its Application Chat Export Functionality — MaxKB 7.8 -2026-04-14
CVE-2026-24447 Movable Type 安全漏洞 — Movable Type (Software Edition) 8.6AIHighAI2026-02-04
CVE-2025-67851 Moodle: moodle: formula injection allows arbitrary formula execution via unescaped data export 6.1 Medium2026-02-03
CVE-2020-36962 Tendenci 12.3.1 - CSV/ Formula Injection — Tendenci 9.8 Critical2026-01-28
CVE-2021-47901 dirsearch 0.4.1 - CSV Injection — dirsearch 9.8 Critical2026-01-27
CVE-2020-36941 Knockpy 4.1.1 - CSV Injection — knock 9.8 Critical2026-01-27
CVE-2026-23873 HUSTOJ is Vulnerable to Stored CSV Injection (Formula Injection) in Contest Rank Export — hustoj 8.0AIHighAI2026-01-21
CVE-2025-61873 Request Tracker 安全漏洞 — Request Tracker 2.6 Low2026-01-16
CVE-2023-53929 phpMyFAQ 3.1.12 CSV Injection via User Profile Export — phpMyFAQ 8.8 High2025-12-17
CVE-2023-53913 Rukovoditel 3.3.1 CSV Injection via User Account Export — Rukovoditel 8.8 High2025-12-17
CVE-2023-53905 ProjectSend r1605 CSV Injection via User Account Export Functionality — projectSend 8.0 High2025-12-17
CVE-2025-14229 SourceCodester Inventory Management System SVC Report Export csv injection — Inventory Management System 4.7 Medium2025-12-08
CVE-2025-13133 Simple User Import Export <= 1.1.7 - Authenticated (Admin+) CSV Injection — Simple User Import Export 6.6 Medium2025-11-18
CVE-2025-12249 Axosoft Scrum and Bug Tracking Edit Ticket csv injection — Scrum and Bug Tracking 6.3 Medium2025-10-27
CVE-2025-11576 AI Chatbot Free Models – Customer Support, Live Chat, Virtual Assistant <= 1.6.5 - Unauthenticated CSV Injection — AI Chatbot Free Models – Customer Support, Live Chat, Virtual Assistant 4.3 Medium2025-10-24
CVE-2025-62417 bagisto - CSV Formula Injection in Create New Product — bagisto 7.8AIHighAI2025-10-16
CVE-2025-11498 CSV Formula Injection Vulnerability — Automation Runtime 6.1 Medium2025-10-14
CVE-2025-11254 Contest Gallery – Upload, Vote & Sell with PayPal and Stripe <= 27.0.3 - Unauthenticated CSV Injection — Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe 4.3 Medium2025-10-11
CVE-2025-11279 Axosoft Scrum and Bug Tracking Add Work Item csv injection — Scrum and Bug Tracking 5.5 Medium2025-10-05
CVE-2025-35033 Medical Informatics Engineering Enterprise Health CSV injection — Enterprise Health 4.1 Medium2025-09-29
CVE-2025-58855 WordPress AP HoneyPot WordPress Plugin Plugin <= 1.4 - Cross Site Request Forgery (CSRF) Vulnerability — AP HoneyPot WordPress Plugin 7.1 High2025-09-05
CVE-2025-55745 UnoPim Quick Export feature is vulnerable to CSV injection — unopim 8.8AIHighAI2025-08-22
CVE-2025-9241 elunez eladmin exportUser csv injection — eladmin 6.3 Medium2025-08-20
CVE-2025-8767 AnWP Football Leagues <= 0.16.17 - Authenticated (Administrator+) CSV Injection — AnWP Football Leagues 4.8 Medium2025-08-12
CVE-2025-8808 xujeff tianti 天梯 com.jeff.tianti.controller save exportOrder csv injection — tianti 天梯 4.3 Medium2025-08-10
CVE-2025-54752 Alfasado PowerCMS 安全漏洞 — PowerCMS 6.5 Medium2025-07-31
CVE-2025-6838 Broken Link Notifier <= 1.3.0 - Authenticated (Contributor+) CSV Injection — Broken Link Notifier 4.1 Medium2025-07-11
CVE-2025-7061 Intelbras InControl operador csv injection — InControl 2.7 Low2025-07-04
CVE-2025-1421 Formula injection in a CSV file in Proget MDM — Proget 6.5AIMediumAI2025-05-21
CVE-2025-4546 1Panel-dev MaxKB Knowledge Base Module csv injection — MaxKB 4.7 Medium2025-05-11

Vulnerabilities classified as CWE-1236 represent 125 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.