Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-1236 — Vulnerability Class 125

125 vulnerabilities classified as CWE-1236. AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-41675 TEAM JOHNLONG SOFTWARE CO., LTD. MAILD Mail Server - Formula Injection — MAILD Mail Server 8.0 High2022-11-29
CVE-2022-3574 WPForms Pro < 1.7.7 - CSV Injection — WPForms Pro 9.8 -2022-11-14
CVE-2022-27858 WordPress Activity Log plugin <= 2.8.3 - CSV Injection vulnerability — Activity Log (WordPress plugin) 7.4 High2022-11-08
CVE-2022-3463 FluentForm < 4.3.13 - CSV Injection — Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms 8.8 -2022-11-07
CVE-2022-3558 Import and export users and customers < 1.20.5 - Subscriber+ CSV Injection — Import and export users and customers 8.0 -2022-11-07
CVE-2022-40294 CSV Injection in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC — PHP Point of Sale 8.8 -2022-10-31
CVE-2022-3393 Post to CSV by BestWebSoft <= 1.4.0 - Author+ CSV Injection — Post to CSV by BestWebSoft 8.8 -2022-10-25
CVE-2022-2798 Affiliates Manager < 2.9.14 - Affiliate CSV Injection — Affiliates Manager 8.0 -2022-09-16
CVE-2022-1194 Mobile Events Manager < 1.4.8 - Admin+ CSV Injection — Mobile Events Manager 8.0 -2022-09-16
CVE-2022-3026 WP Users Exporter <= 1.4.2 - CSV Injection — WP Users Exporter 6.5 Medium2022-09-06
CVE-2022-2240 Request a Quote <= 2.3.7 - CSV Injection — Request a Quote 8.8 -2022-07-25
CVE-2022-1539 Exports and Reports < 0.9.2 - Contributor+ CSV Injection — Exports and Reports 8.8 -2022-07-25
CVE-2022-2112 Improper Neutralization of Formula Elements in a CSV File in inventree/inventree — inventree/inventree 8.8 -2022-06-17
CVE-2022-1202 WP-CRM <= 1.2.1 - CSV Injection — WP-CRM – Customer Relations Management for WordPress 7.8 -2022-06-13
CVE-2022-2027 Improper Neutralization of Formula Elements in a CSV File in kromitgmbh/titra — kromitgmbh/titra 8.8 -2022-06-08
CVE-2022-26867 Dell EMC PowerStore 安全漏洞 — PowerStore 5.9 Medium2022-06-02
CVE-2022-1544 Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in luyadev/yii-helpers — luyadev/yii-helpers 7.8 -2022-05-01
CVE-2021-23286 Security issues in Eaton Intelligent Power Manager Infrastructure — Intelligent Power Manager Infrastructure (IPM Infrastructure) 5.7 Medium2022-04-18
CVE-2022-0142 Visual Form Builder < 3.0.6 - CSV Injection — Visual Form Builder 9.8 -2022-04-12
CVE-2022-24770 Improper Neutralization of Formula Elements in a CSV File in Gradio Flagging — gradio 8.8 High2022-03-17
CVE-2022-22689 CA Harvest Software Change Manager 安全漏洞 — CA Harvest Software Change Manager 8.8 -2022-02-04
CVE-2022-22121 NocoDB - CSV Injection in User Management — nocodb 8.0 High2022-01-10
CVE-2021-41270 CSV Injection in Symfony — symfony 6.5 Medium2021-11-24
CVE-2021-38424 Delta Electronics DIALink — DIALink 5.9 Medium2021-11-03
CVE-2020-36503 Connections Business Directory < 9.7 - Admin+ CSV Injection — Connections Business Directory 8.0 -2021-11-01
CVE-2021-38180 SAP Business One 安全漏洞 — SAP Business One 8.8 -2021-10-12
CVE-2021-25960 SuiteCRM - CSV Injection in Accounts Module — SuiteCRM 8.0 High2021-09-29
CVE-2021-25962 Shuup - Formula Injection in Checkout Addresses — shuup 8.0 High2021-09-29
CVE-2021-37702 Improper Neutralization of Formula Elements in a CSV File in pimcore/pimcore — pimcore 8.0 High2021-08-18
CVE-2021-22771 Schneider Electric Easergy T300 安全漏洞 — Easergy T300 with firmware V2.7.1 and older 7.3 -2021-07-21

Vulnerabilities classified as CWE-1236 represent 125 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.