Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CSV injection in arxes-tolina 3.0.0 allows malicious users to gain remote control of other computers. By entering formula code in the following columns: Kundennummer, Firma, Street, PLZ, Ort, Zahlziel, and Bemerkung, an attacker can create a user with a name that contains malicious code. Other users might download this data as a CSV file and corrupt their PC by opening it in a tool such as Microsoft Excel. The attacker could gain remote access to the user's PC.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
arxes-tolina 注入漏洞
Vulnerability Description
Arxes-tolina Arxes-tolina是德国Arxes-tolina公司的一个解决方案,提供电子服务、IT 服务和项目管理领域。 arxes-tolina 3.0.0版本中存在注入漏洞。攻击者可通过在Kundennummer、Firma、Street、PLZ、Ort、Zahlziel和Bemerkung栏中输入公式代码利用该漏洞远程控制其他电脑。
CVSS Information
N/A
Vulnerability Type
N/A