Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SAP Business One - version 10.0, allows an attacker to inject formulas when exporting data to Excel (CSV injection) due to improper sanitation during the data export. An attacker could thereby execute arbitrary commands on the victim's computer but only if the victim allows to execute macros while opening the file and the security settings of Excel allow for command execution.
CVSS Information
N/A
Vulnerability Type
CWE-1236
Vulnerability Title
SAP Business One 安全漏洞
Vulnerability Description
SAP Business One是德国思爱普(SAP)公司的一套企业管理软件。该软件包括财务管理、运营管理和人力资源管理等功能。 SAP Business One存在安全漏洞,打开文件时允许执行宏,并且Excel的安全设置允许命令执行时,攻击者可利用该漏洞在受害者的计算机上执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A