CWE-1236
AllowedImproper Neutralization of Formula Elements in a CSV File
Abstraction: Base · Status: Incomplete
The product saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by a spreadsheet product.
401 vulnerabilities reference this CWE, most recent first.
CVE-2025-52612 (GCVE-0-2025-52612)
Vulnerability from cvelistv5 – Published: 2026-06-04 11:40 – Updated: 2026-06-04 13:19- CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-52612",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T13:19:24.545600Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T13:19:36.171Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "iControl",
"vendor": "HCL",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters. ."
}
],
"value": "HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters. ."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236: Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T11:40:16.884Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0131041"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HCL iControl was affected by Export CSV - CSV Injection vulnerability.",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-52612",
"datePublished": "2026-06-04T11:40:16.884Z",
"dateReserved": "2025-06-18T14:00:40.356Z",
"dateUpdated": "2026-06-04T13:19:36.171Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-35033 (GCVE-0-2025-35033)
Vulnerability from cvelistv5 – Published: 2025-09-29 20:01 – Updated: 2025-09-30 16:52- CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
| Vendor | Product | Version | |
|---|---|---|---|
| Medical Informatics Engineering | Enterprise Health |
Affected:
RC202503 , < RC202503 2025-03-14
(custom)
Affected: RC202409 , < RC202409 2025-03-14 (custom) Affected: RC202403 , < RC202403 2025-03-14 (custom) Affected: RC202309 , < RC202309 2025-03-14 (custom) Affected: RC202303 , < RC202303 2025-03-14 (custom) Unaffected: RC202503 2025-03-14 Unaffected: RC202409 2025-03-14 Unaffected: RC202403 2025-03-14 Unaffected: RC202309 2025-03-14 Unaffected: RC202303 2025-03-14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-35033",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T16:51:53.401154Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T16:52:03.135Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Enterprise Health",
"vendor": "Medical Informatics Engineering",
"versions": [
{
"lessThan": "RC202503 2025-03-14",
"status": "affected",
"version": "RC202503",
"versionType": "custom"
},
{
"lessThan": "RC202409 2025-03-14",
"status": "affected",
"version": "RC202409",
"versionType": "custom"
},
{
"lessThan": "RC202403 2025-03-14",
"status": "affected",
"version": "RC202403",
"versionType": "custom"
},
{
"lessThan": "RC202309 2025-03-14",
"status": "affected",
"version": "RC202309",
"versionType": "custom"
},
{
"lessThan": "RC202303 2025-03-14",
"status": "affected",
"version": "RC202303",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "RC202503 2025-03-14"
},
{
"status": "unaffected",
"version": "RC202409 2025-03-14"
},
{
"status": "unaffected",
"version": "RC202403 2025-03-14"
},
{
"status": "unaffected",
"version": "RC202309 2025-03-14"
},
{
"status": "unaffected",
"version": "RC202303 2025-03-14"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "George Thompson, Sandia National Laboratories"
},
{
"lang": "en",
"value": "Trevor LaPay, Sandia National Laboratories"
},
{
"lang": "en",
"value": "Fernando Martinez, Sandia National Laboratories"
},
{
"lang": "en",
"value": "Gary Huang, Sandia National Laboratories"
}
],
"datePublic": "2025-09-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Medical Informatics Engineering Enterprise Health has a CSV injection vulnerability that allows a remote, authenticated attacker to inject macros in downloadable CSV files. This issue is fixed as of 2025-03-14."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-35033",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T19:04:42.893178Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T20:01:38.144Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-272-01.json"
},
{
"name": "url",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35033"
}
],
"title": "Medical Informatics Engineering Enterprise Health CSV injection"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2025-35033",
"datePublished": "2025-09-29T20:01:38.144Z",
"dateReserved": "2025-04-15T20:56:24.404Z",
"dateUpdated": "2025-09-30T16:52:03.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-14229 (GCVE-0-2025-14229)
Vulnerability from cvelistv5 – Published: 2025-12-08 11:02 – Updated: 2025-12-08 17:09 X_Freeware| URL | Tags |
|---|---|
| https://vuldb.com/?id.334671 | vdb-entry |
| https://vuldb.com/?ctiid.334671 | signaturepermissions-required |
| https://vuldb.com/?submit.702119 | third-party-advisory |
| https://www.notion.so/Spreadsheet-Formula-Injecti… | exploit |
| https://www.sourcecodester.com/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| SourceCodester | Inventory Management System |
Affected:
1.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14229",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-08T17:08:39.728087Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-08T17:09:45.983Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"SVC Report Export"
],
"product": "Inventory Management System",
"vendor": "SourceCodester",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Amit_singh (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in SourceCodester Inventory Management System 1.0. The affected element is an unknown function of the component SVC Report Export. Such manipulation leads to csv injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CSV Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-08T11:02:06.822Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-334671 | SourceCodester Inventory Management System SVC Report Export csv injection",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.334671"
},
{
"name": "VDB-334671 | CTI Indicators (IOB, IOC)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.334671"
},
{
"name": "Submit #702119 | SourceCodester Inventory Management System 1.0 CSV Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.702119"
},
{
"tags": [
"exploit"
],
"url": "https://www.notion.so/Spreadsheet-Formula-Injection-Leading-to-Remote-Code-Execution-in-SourceCodester-Inventory-Managemen-2b723917db8c80dfaaabe2b74d6f283d?source=copy_link"
},
{
"tags": [
"product"
],
"url": "https://www.sourcecodester.com/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2025-12-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-12-07T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-12-07T20:37:26.000Z",
"value": "VulDB entry last update"
}
],
"title": "SourceCodester Inventory Management System SVC Report Export csv injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-14229",
"datePublished": "2025-12-08T11:02:06.822Z",
"dateReserved": "2025-12-07T19:32:13.296Z",
"dateUpdated": "2025-12-08T17:09:45.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13133 (GCVE-0-2025-13133)
Vulnerability from cvelistv5 – Published: 2025-11-18 09:27 – Updated: 2026-04-08 16:46- CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
| Vendor | Product | Version | |
|---|---|---|---|
| vaniivan | Simple User Import Export |
Affected:
0 , ≤ 1.1.7
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T21:21:02.061747Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T21:32:02.192Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Simple User Import Export",
"vendor": "vaniivan",
"versions": [
{
"lessThanOrEqual": "1.1.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ivan Cese"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Simple User Import Export plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.1.7 via the \u0027Import/export users\u0027 function. This makes it possible for authenticated attackers, with Administrator-level access and above, to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:46:52.332Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/39ec49b4-f0f3-4ec7-b11b-ce808c025577?source=cve"
},
{
"url": "https://it.wordpress.org/plugins/a3-user-importer/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-17T20:52:10.000Z",
"value": "Disclosed"
}
],
"title": "Simple User Import Export \u003c= 1.1.7 - Authenticated (Admin+) CSV Injection"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-13133",
"datePublished": "2025-11-18T09:27:37.077Z",
"dateReserved": "2025-11-13T18:10:42.350Z",
"dateUpdated": "2026-04-08T16:46:52.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12249 (GCVE-0-2025-12249)
Vulnerability from cvelistv5 – Published: 2025-10-27 08:02 – Updated: 2025-10-27 17:00| URL | Tags |
|---|---|
| https://vuldb.com/?id.329920 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.329920 | signaturepermissions-required |
| https://vuldb.com/?submit.673851 | third-party-advisory |
| https://drive.google.com/file/d/1EtmG4IyNQO7VStyc… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Axosoft | Scrum and Bug Tracking |
Affected:
22.1.1.11545
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12249",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T17:00:18.343504Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T17:00:37.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Edit Ticket Page"
],
"product": "Scrum and Bug Tracking",
"vendor": "Axosoft",
"versions": [
{
"status": "affected",
"version": "22.1.1.11545"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "sn4ku1 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. The impacted element is an unknown function of the component Edit Ticket Page. Performing manipulation of the argument Title results in csv injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in Axosoft Scrum and Bug Tracking 22.1.1.11545 gefunden. Es ist betroffen eine unbekannte Funktion der Komponente Edit Ticket Page. Durch Beeinflussen des Arguments Title mit unbekannten Daten kann eine csv injection-Schwachstelle ausgenutzt werden. Es ist m\u00f6glich, den Angriff aus der Ferne durchzuf\u00fchren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CSV Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T08:02:11.492Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-329920 | Axosoft Scrum and Bug Tracking Edit Ticket csv injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.329920"
},
{
"name": "VDB-329920 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.329920"
},
{
"name": "Submit #673851 | Axosoft Scrum and Bug Tracking 22.1.1.11545 Improper Neutralization",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.673851"
},
{
"tags": [
"exploit"
],
"url": "https://drive.google.com/file/d/1EtmG4IyNQO7VStycpkSl9iivURrYQBSD/view?usp=sharing"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-26T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-10-26T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-26T06:30:30.000Z",
"value": "VulDB entry last update"
}
],
"title": "Axosoft Scrum and Bug Tracking Edit Ticket csv injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-12249",
"datePublished": "2025-10-27T08:02:11.492Z",
"dateReserved": "2025-10-26T05:25:26.690Z",
"dateUpdated": "2025-10-27T17:00:37.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-11576 (GCVE-0-2025-11576)
Vulnerability from cvelistv5 – Published: 2025-10-24 12:29 – Updated: 2026-04-08 16:52- CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
| Vendor | Product | Version | |
|---|---|---|---|
| newcodebyte | AI Chatbot Free Models – Customer Support, Live Chat, Virtual Assistant |
Affected:
0 , ≤ 1.6.5
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11576",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-24T12:48:17.739856Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T12:48:31.982Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AI Chatbot Free Models \u2013 Customer Support, Live Chat, Virtual Assistant",
"vendor": "newcodebyte",
"versions": [
{
"lessThanOrEqual": "1.6.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jonas Benjamin Friedli"
}
],
"descriptions": [
{
"lang": "en",
"value": "The AI Chatbot Free Models \u2013 Customer Support, Live Chat, Virtual Assistant plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.6.5. This is due to insufficient sanitization in the \u0027newcodebyte_chatbot_export_messages\u0027 function. This makes it possible for unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:52:18.410Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5064873b-e70a-4fe6-8c5c-ced6025aaa5f?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3378450/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-13T21:23:46.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-10-23T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "AI Chatbot Free Models \u2013 Customer Support, Live Chat, Virtual Assistant \u003c= 1.6.5 - Unauthenticated CSV Injection"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-11576",
"datePublished": "2025-10-24T12:29:56.573Z",
"dateReserved": "2025-10-09T23:55:23.529Z",
"dateUpdated": "2026-04-08T16:52:18.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11498 (GCVE-0-2025-11498)
Vulnerability from cvelistv5 – Published: 2025-10-14 12:42 – Updated: 2025-10-14 15:31- CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
| Vendor | Product | Version | |
|---|---|---|---|
| B&R Industrial Automation GmbH | Automation Runtime |
Affected:
6.0 , < 6.4
(custom)
Affected: 4 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11498",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T15:31:29.889194Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T15:31:36.665Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Automation Runtime",
"vendor": "B\u0026R Industrial Automation GmbH",
"versions": [
{
"lessThan": "6.4",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Neutralization of Formula Elements in a CSV File vulnerability exists in System Diagnostics Manager (SDM) of B\u0026amp;R Automation Runtime versions before 6.4 enabling a remote attacker to inject formula data into a generated CSV file. The exploitation of this vulnerability requires the attacker to create a malicious link. The user would need to click on this link, after which the resulting CSV file addi-tionally needs to be manually opened."
}
],
"value": "An Improper Neutralization of Formula Elements in a CSV File vulnerability exists in System Diagnostics Manager (SDM) of B\u0026R Automation Runtime versions before 6.4 enabling a remote attacker to inject formula data into a generated CSV file. The exploitation of this vulnerability requires the attacker to create a malicious link. The user would need to click on this link, after which the resulting CSV file addi-tionally needs to be manually opened."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236: Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T12:42:59.143Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA25P003-178b6a20.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CSV Formula Injection Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2025-11498",
"datePublished": "2025-10-14T12:42:59.143Z",
"dateReserved": "2025-10-08T13:55:00.714Z",
"dateUpdated": "2025-10-14T15:31:36.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-11279 (GCVE-0-2025-11279)
Vulnerability from cvelistv5 – Published: 2025-10-05 03:02 – Updated: 2025-10-06 20:08| URL | Tags |
|---|---|
| https://vuldb.com/?id.327013 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.327013 | signaturepermissions-required |
| https://vuldb.com/?submit.659422 | third-party-advisory |
| https://drive.google.com/file/d/1Lw9_KYblnhg7FQU7… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Axosoft | Scrum and Bug Tracking |
Affected:
22.1.1.11545
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11279",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-06T20:07:53.520851Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-06T20:08:01.869Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Add Work Item Page"
],
"product": "Scrum and Bug Tracking",
"vendor": "Axosoft",
"versions": [
{
"status": "affected",
"version": "22.1.1.11545"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "sn4ku1 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. This issue affects some unknown processing of the component Add Work Item Page. The manipulation of the argument Title results in csv injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Axosoft Scrum and Bug Tracking 22.1.1.11545 entdeckt. Betroffen ist eine unbekannte Verarbeitung der Komponente Add Work Item Page. Dank Manipulation des Arguments Title mit unbekannten Daten kann eine csv injection-Schwachstelle ausgenutzt werden. Es ist m\u00f6glich, den Angriff aus der Ferne durchzuf\u00fchren. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CSV Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-05T03:02:06.381Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-327013 | Axosoft Scrum and Bug Tracking Add Work Item csv injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.327013"
},
{
"name": "VDB-327013 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.327013"
},
{
"name": "Submit #659422 | Axosoft Scrum \u0026 Bug Tracking 22.1.1.11545 Improper Neutralization",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.659422"
},
{
"tags": [
"exploit"
],
"url": "https://drive.google.com/file/d/1Lw9_KYblnhg7FQU70G0SgH_VyYRUD-rX/view?usp=sharing"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-10-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-04T08:30:36.000Z",
"value": "VulDB entry last update"
}
],
"title": "Axosoft Scrum and Bug Tracking Add Work Item csv injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-11279",
"datePublished": "2025-10-05T03:02:06.381Z",
"dateReserved": "2025-10-04T06:25:32.219Z",
"dateUpdated": "2025-10-06T20:08:01.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-11254 (GCVE-0-2025-11254)
Vulnerability from cvelistv5 – Published: 2025-10-11 08:29 – Updated: 2026-04-08 17:11- CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
| Vendor | Product | Version | |
|---|---|---|---|
| contest-gallery | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe |
Affected:
0 , ≤ 27.0.3
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11254",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T13:30:49.664443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T14:11:30.733Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Contest Gallery \u2013 Upload \u0026 Vote Photos, Media, Sell with PayPal \u0026 Stripe",
"vendor": "contest-gallery",
"versions": [
{
"lessThanOrEqual": "27.0.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Aur\u00e9lien BOURDOIS"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Contest Gallery \u2013 Upload, Vote \u0026 Sell with PayPal and Stripe plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 27.0.3 via gallery submissions. This makes it possible for unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:11:00.252Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9a0dc62c-786d-40f3-b9c9-bd199a176192?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3375891/contest-gallery/tags/28.0.0/functions/backend/render/cg-backend-gallery-general.php?old=3372123\u0026old_path=contest-gallery%2Ftags%2F27.0.3%2Ffunctions%2Fbackend%2Frender%2Fcg-backend-gallery-general.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/contest-gallery/tags/27.0.3\u0026new_path=/contest-gallery/tags/28.0.0\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-03T12:12:24.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-10-10T19:47:00.000Z",
"value": "Disclosed"
}
],
"title": "Contest Gallery \u2013 Upload, Vote \u0026 Sell with PayPal and Stripe \u003c= 27.0.3 - Unauthenticated CSV Injection"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-11254",
"datePublished": "2025-10-11T08:29:16.424Z",
"dateReserved": "2025-10-03T11:57:16.168Z",
"dateUpdated": "2026-04-08T17:11:00.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9241 (GCVE-0-2025-9241)
Vulnerability from cvelistv5 – Published: 2025-08-20 19:32 – Updated: 2025-08-20 20:21| URL | Tags |
|---|---|
| https://vuldb.com/?id.320774 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.320774 | signaturepermissions-required |
| https://vuldb.com/?submit.631473 | third-party-advisory |
| https://github.com/elunez/eladmin/issues/886 | issue-tracking |
| https://github.com/elunez/eladmin/issues/886#issu… | exploitissue-tracking |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9241",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T20:21:29.641444Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T20:21:38.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "eladmin",
"vendor": "elunez",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "2.3"
},
{
"status": "affected",
"version": "2.4"
},
{
"status": "affected",
"version": "2.5"
},
{
"status": "affected",
"version": "2.6"
},
{
"status": "affected",
"version": "2.7"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ez-lbz (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited."
},
{
"lang": "de",
"value": "In elunez eladmin bis 2.7 wurde eine Schwachstelle gefunden. Hierbei geht es um die Funktion exportUser. Mittels Manipulieren mit unbekannten Daten kann eine csv injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CSV Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T19:32:05.488Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-320774 | elunez eladmin exportUser csv injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.320774"
},
{
"name": "VDB-320774 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.320774"
},
{
"name": "Submit #631473 | elunez eladmin \u2264 2.7 CSV/XLSX Injection(CWE-1236)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.631473"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/elunez/eladmin/issues/886"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/elunez/eladmin/issues/886#issue-3307309824"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-08-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-08-20T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-08-20T13:12:12.000Z",
"value": "VulDB entry last update"
}
],
"title": "elunez eladmin exportUser csv injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-9241",
"datePublished": "2025-08-20T19:32:05.488Z",
"dateReserved": "2025-08-20T11:07:03.857Z",
"dateUpdated": "2025-08-20T20:21:38.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
When generating CSV output, ensure that formula-sensitive metacharacters are effectively escaped or removed from all data before storage in the resultant CSV. Risky characters include '=' (equal), '+' (plus), '-' (minus), and '@' (at).
Mitigation
If a field starts with a formula character, prepend it with a ' (single apostrophe), which prevents Excel from executing the formula.
Mitigation
Certain implementations of spreadsheet software might disallow formulas from executing if the file is untrusted, or if the file is not authored by the current user.
No CAPEC attack patterns related to this CWE.