CWE-1236: Improper Neutralization of Formula Elements in a CSV File

297 active CVEs are classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. The full definition is on MITRE.

CVEs classified under CWE-1236 (page 5 of 6)
- CVE-2023-31296 (MEDIUM, CVSS 5.3, EG 5.3, 2023-12-29)
  CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows attackers to obtain sensitive information via the User Name field.
- CVE-2023-31867 (HIGH, CVSS 7.2, EG 7.2, 2023-06-22)
  Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection.
- CVE-2023-3302 (HIGH, CVSS 7.8, EG 7.8, 2023-06-23)
  Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9.
- CVE-2023-33410 (HIGH, CVSS 8.8, EG 8.8, 2023-06-05)
  Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on the Customer Name field in the Accounting module that is use…
- CVE-2023-3493 (HIGH, CVSS 8.0, EG 7.7, 2023-06-30)
  Improper Neutralization of Formula Elements in a CSV File in GitHub repository fossbilling/fossbilling prior to 0.5.3.
- CVE-2023-3527 (MEDIUM, CVSS 6.8, EG 6.8, 2023-07-18)
  A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which allows a user with administrative privileges to input crafted data which, when exported to a CSV file, may attempt arbitrar…
- CVE-2023-35899 (HIGH, CVSS 7.0, EG 7.0, 2024-03-21)
  IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands …
- CVE-2023-36527 (MEDIUM, CVSS 4.7, EG 8.8, 2023-11-07)
  Improper Neutralization of Formula Elements in a CSV File vulnerability in BestWebSoft Post to CSV by BestWebSoft. This issue affects Post to CSV by BestWebSoft: from n/a through 1.4.0.
- CVE-2023-37219 (HIGH, CVSS 7.3, EG 7.3, 2023-07-30)
  Tadiran Telecom Composit - CWE-1236: Improper Neutralization of Formula Elements in a CSV File
- CVE-2023-38843 (HIGH, CVSS 8.0, EG 8.0, 2023-08-17)
  An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted payload into the description field in the incident function.
- CVE-2023-4006 (CRITICAL, CVSS 9.8, EG 9.8, 2023-07-31)
  Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16.
- CVE-2023-41798 (MEDIUM, CVSS 5.1, EG 8.8, 2023-11-07)
  Improper Neutralization of Formula Elements in a CSV File vulnerability in wpWax Directorist – WordPress Business Directory Plugin with Classified Ads Listing. This issue affects Directorist – WordPress Business Directory Plugin with Cl…
- CVE-2023-42004 (HIGH, CVSS 8.0, EG 8.0, 2023-11-28)
  IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. A remote attacker could execute malicious commands due to improper validation of csv file contents. IBM X-Force ID: 265262.
- CVE-2023-43071 (MEDIUM, CVSS 4.4, EG 4.4, 2023-10-05)
  Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML injection or CSV formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attac…
- CVE-2023-45597 (MEDIUM, CVSS 5.9, EG 5.9, 2024-03-05)
  A CWE-1236 "Improper Neutralization of Formula Elements in a CSV File" vulnerability in the "file_configuration" functionality of the web application (concerning the function "export_file") allows a remote authenticated attacke…
- CVE-2023-46400 (CRITICAL, CVSS 9.8, EG 4.3, 2025-01-23)
  KWHotel 0.47 is vulnerable to CSV Formula Injection in the add guest function.
- CVE-2023-46401 (CRITICAL, CVSS 9.8, EG 8.8, 2025-01-23)
  KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function.
- CVE-2023-47022 (MEDIUM, CVSS 6.5, EG 6.5, 2024-02-06)
  Insecure Direct Object Reference in NCR Terminal Handler v.1.5.1 allows an unprivileged user to edit the audit logs for any user and can lead to CSV injection.
- CVE-2023-47295 (CRITICAL, CVSS 9.8, EG 9.8, 2025-06-23)
  A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field that accepts strings.
- CVE-2023-47534 (CRITICAL, CVSS 9.6, EG 9.6, 2024-03-12)
  An improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows attacker to execute unauthorized…
- CVE-2023-48029 (HIGH, CVSS 8.0, EG 8.0, 2023-11-17)
  Corebos 8.0 and below is vulnerable to CSV Injection. An attacker with low privileges can inject a malicious command into a table. This vulnerability is exploited when an administrator visits the user management section, exports the data t…
- CVE-2023-48207 (HIGH, CVSS 8.8, EG 8.8, 2023-12-07)
  Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component.
- CVE-2023-48709 (HIGH, CVSS 8.0, EG 8.0, 2024-04-15)
  iTop is an IT service management platform. When exporting data from backoffice or portal in CSV or Excel files, users' inputs may include malicious formulas that may be imported into Excel. As Excel 2016 does **not** prevent Remote Code E…
- CVE-2023-50448 (MEDIUM, CVSS 6.5, EG 6.5, 2023-12-28)
  In ActiveAdmin (aka Active Admin) before 2.12.0, a concurrency issue allows a malicious actor to access potentially private data (that belongs to another user) by making CSV export requests at certain specific times.
- CVE-2023-51298 (MEDIUM, CVSS 4.7, EG 4.7, 2025-02-19)
  PHPJabbers Event Booking Calendar v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters f…
- CVE-2023-51302 (HIGH, CVSS 8.8, EG 8.8, 2025-02-19)
  PHPJabbers Hotel Booking System v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters fie…
- CVE-2023-51311 (HIGH, CVSS 8.8, EG 8.8, 2025-02-20)
  PHPJabbers Car Park Booking System v3.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters …
- CVE-2023-51319 (HIGH, CVSS 8.8, EG 8.8, 2025-02-20)
  PHPJabbers Bus Reservation System v1.1 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters f…
- CVE-2023-51333 (HIGH, CVSS 8.8, EG 8.8, 2025-02-20)
  PHPJabbers Cinema Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters fi…
- CVE-2023-51336 (HIGH, CVSS 8.8, EG 8.8, 2025-02-20)
  PHPJabbers Meeting Room Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any paramet…
- CVE-2023-51763 (CRITICAL, CVSS 9.8, EG 9.8, 2023-12-24)
  csv_builder.rb in ActiveAdmin (aka Active Admin) before 3.2.0 allows CSV injection.
- CVE-2023-53905 (HIGH, CVSS 8.0, EG 8.8, 2025-12-17)
  ProjectSend r1605 contains a CSV injection vulnerability that allows authenticated users to inject malicious formulas into user profile names. Attackers can craft payloads like =calc|a!z| in the name field to trigger code execution when ad…
- CVE-2023-53913 (HIGH, CVSS 8.8, EG 8.8, 2025-12-17)
  Rukovoditel 3.3.1 contains a CSV injection vulnerability that allows authenticated users to inject malicious formulas into the firstname field. Attackers can craft payloads like =calc|a!z| to trigger code execution when an admin exports cu…
- CVE-2023-53929 (HIGH, CVSS 8.8, EG 8.8, 2025-12-17)
  phpMyFAQ 3.1.12 contains a CSV injection vulnerability that allows authenticated users to inject malicious formulas into their profile names. Attackers can modify their user profile name with a payload like 'calc|a!z|' to trigger code exec…
- CVE-2023-5424 (MEDIUM, CVSS 4.7, EG 4.7, 2024-06-07)
  The WS Form LITE plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.9.217. This allows unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when…
- CVE-2023-54348 (HIGH, CVSS 8.8, EG 8.8, 2026-05-05)
  ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to inject spreadsheet formulas into vendor name fields that execute on the workstation of users who open the exported CSV in a spreadsheet applicatio…
- CVE-2023-5527 (HIGH, CVSS 7.4, EG 7.4, 2024-06-18)
  The Business Directory Plugin plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 6.4.3 via the class-csv-exporter.php file. This allows authenticated attackers, with author-level permissions and above, to…
- CVE-2024-22063 (HIGH, CVSS 7.6, EG 7.6, 2024-12-30)
  The ZENIC ONE R58 products by ZTE Corporation have a command injection vulnerability. An authenticated attacker can exploit this vulnerability to tamper with messages, inject malicious code, and subsequently launch attacks on related devic…
- CVE-2024-24337 (HIGH, CVSS 8.0, EG 8.8, 2024-02-12)
  CSV Injection vulnerability in '/members/moremember.pl' and '/admin/aqbudgets.pl' endpoints in Koha Library Management System version 23.05.05 and earlier allows attackers to inject DDE commands into csv exports via the 'Budget' and 'Pa…
- CVE-2024-25007 (HIGH, CVSS 7.1, EG 7.1, 2024-04-04)
  Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to code execution or information disclosur…
- CVE-2024-27320 (HIGH, CVSS 7.8, EG 7.8, 2024-09-12)
  An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its classification tasks handle provided CSV files. If a victim user creates a classification task using a mali…
- CVE-2024-27321 (HIGH, CVSS 7.8, EG 7.8, 2024-09-12)
  An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its multilabel classification tasks handle provided CSV files. If a user creates a multilabel classification ta…
- CVE-2024-27785 (MEDIUM, CVSS 5.4, EG 5.4, 2024-07-09)
  An improper neutralization of formula elements in a CSV File [CWE-1236] vulnerability in Fortinet FortiAIOps 2.0.0 may allow a remote authenticated attacker to execute arbitrary commands on a client's workstation via poisoned CSV reports.
- CVE-2024-28111 (MEDIUM, CVSS 6.5, EG 6.5, 2024-03-06)
  Canarytokens helps track activity and actions on a network. Canarytokens.org supports exporting the history of a Canarytoken's incidents in CSV format. The generation of these CSV files is vulnerable to a CSV Injection vulnerability. This …
- CVE-2024-28764 (MEDIUM, CVSS 6.5, EG 6.5, 2024-05-01)
  IBM WebSphere Automation 1.7.0 could allow an attacker with privileged access to the network to conduct a CSV injection. An attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM …
- CVE-2024-29375 (CRITICAL, CVSS 9.8, EG 9.8, 2024-04-04)
  CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107 allows a remote attacker to execute arbitrary code via a crafted .ibnrs file to the Project Description, Identifiers, Custom Triangle Name (inside Input Triangles) and Yield Curve …
- CVE-2024-3214 (MEDIUM, CVSS 5.8, EG 5.8, 2024-04-09)
  The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to embed untrusted input into exported CSV files, whi…
- CVE-2024-3232 (HIGH, CVSS 7.6, EG 7.6, 2024-07-16)
  A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV…
- CVE-2024-41226 (HIGH, CVSS 7.8, EG 8.8, 2024-08-06)
  A CSV injection vulnerability in Automation Anywhere Automation 360 version 21094 allows attackers to execute arbitrary code via a crafted payload. NOTE: Automation Anywhere disputes this report, arguing the attacker executes everything fr…
- CVE-2024-45084 (HIGH, CVSS 8.0, EG 8.0, 2025-02-19)
  IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated attacker to conduct formula injection. An attacker could execute arbitrary commands on the system, caused by improper validation of fi…