CWE-1236 · Improper Neutralization of Formula Elements in a CSV File

293 CVEs classified under CWE-1236 (Improper Neutralization of Formula Elements in a CSV File). Browse by severity and year.

Top CVEs for CWE-1236
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-31049 | Critical | 9.8 | 2026-04-14 | An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to execute arbitrary code and escalate privileges via the CSV registration field |
| CVE-2020-36962 | Critical | 9.8 | 2026-01-28 | Tendenci 12.3.1 contains a CSV formula injection vulnerability in the contact form message field that allows attackers to inject malicious formulas during expo… |
| CVE-2021-47901 | Critical | 9.8 | 2026-01-27 | Dirsearch 0.4.1 contains a CSV injection vulnerability when using the --csv-report flag that allows attackers to inject formulas through redirected endpoints… |
| CVE-2020-36941 | Critical | 9.8 | 2026-01-27 | Knockpy 4.1.1 contains a CSV injection vulnerability that allows attackers to inject malicious formulas into CSV reports through unfiltered server headers. Att… |
| CVE-2025-56267 | Critical | 9.8 | 2025-09-08 | A CSV injection vulnerability in the /id_profiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted Excel… |
| CVE-2023-47295 | Critical | 9.8 | 2025-06-23 | A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field… |
| CVE-2024-55532 | Critical | 9.8 | 2025-03-03 | Improper Neutralization of Formula Elements in Export CSV feature of Apache Ranger in Apache Ranger Version < 2.6.0. Users are recommended to upgrade to versio… |
| CVE-2023-46401 | Critical | 9.8 | 2025-01-23 | KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function. |
| CVE-2023-46400 | Critical | 9.8 | 2025-01-23 | KWHotel 0.47 is vulnerable to CSV Formula Injection in the add guest function. |
| CVE-2024-47485 | Critical | 9.8 | 2024-10-18 | There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could build malicious data to generate executable com… |
| CVE-2024-29375 | Critical | 9.8 | 2024-04-04 | CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107 allows a remote attacker to execute arbitrary code via a crafted .ibnrs file to the Project Descript… |
| CVE-2023-51763 | Critical | 9.8 | 2023-12-24 | csv_builder.rb in ActiveAdmin (aka Active Admin) before 3.2.0 allows CSV injection. |
| CVE-2020-10131 | Critical | 9.8 | 2023-09-06 | SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter. |
| CVE-2023-4006 | Critical | 9.8 | 2023-07-31 | Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16. |
| CVE-2022-3574 | Critical | 9.8 | 2022-11-14 | The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could lead to CSV injection. |
| CVE-2022-3463 | Critical | 9.8 | 2022-11-07 | The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection |
| CVE-2022-22425 | Critical | 9.8 | 2022-11-03 | "IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by… |
| CVE-2022-3393 | Critical | 9.8 | 2022-10-25 | The Post to CSV by BestWebSoft WordPress plugin through 1.4.0 does not properly escape fields when exporting data as CSV, leading to a CSV injection |
| CVE-2022-28481 | Critical | 9.8 | 2022-05-01 | CSV-Safe gem < 3.0.0 doesn't filter out special characters which could trigger CSV Injection. |
| CVE-2022-0142 | Critical | 9.8 | 2022-04-12 | The Visual Form Builder WordPress plugin before 3.0.8 is vulnerable to CSV injection allowing a user with low level or no privileges to inject a command that w… |