Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in luyadev/yii-helpers
Vulnerability Description
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained confidential data.
CVSS Information
N/A
Vulnerability Type
CWE-1236
Vulnerability Title
yii-helpers 安全漏洞
Vulnerability Description
yii-helpers是Yii 框架的一组助手类,用作 LUYA 助手。 GitHub 库 luyadev/yii-helpers 1.2.1之前版本存在安全漏洞,攻击者利用该漏洞可导致诸如客户端命令注入、代码执行或包含的机密数据的远程过滤等影响。
CVSS Information
N/A
Vulnerability Type
N/A