CWE-1236 · Improper Neutralization of Formula Elements in a CSV File
293 CVEs classified under CWE-1236 (Improper Neutralization of Formula Elements in a CSV File). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-31049 | Critical | 9.8 | 2026-04-14 | An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to execute arbitrary code and escalate privileges via the CSV registration field |
| CVE-2020-36962 | Critical | 9.8 | 2026-01-28 | Tendenci 12.3.1 contains a CSV formula injection vulnerability in the contact form message field that allows attackers to inject malicious formulas during expo… |
| CVE-2021-47901 | Critical | 9.8 | 2026-01-27 | Dirsearch 0.4.1 contains a CSV injection vulnerability when using the --csv-report flag that allows attackers to inject formulas through redirected endpoints… |
| CVE-2020-36941 | Critical | 9.8 | 2026-01-27 | Knockpy 4.1.1 contains a CSV injection vulnerability that allows attackers to inject malicious formulas into CSV reports through unfiltered server headers. Att… |
| CVE-2025-56267 | Critical | 9.8 | 2025-09-08 | A CSV injection vulnerability in the /id_profiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted Excel… |
| CVE-2023-47295 | Critical | 9.8 | 2025-06-23 | A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field… |
| CVE-2024-55532 | Critical | 9.8 | 2025-03-03 | Improper Neutralization of Formula Elements in Export CSV feature of Apache Ranger in Apache Ranger Version < 2.6.0. Users are recommended to upgrade to versio… |
| CVE-2023-46401 | Critical | 9.8 | 2025-01-23 | KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function. |
| CVE-2023-46400 | Critical | 9.8 | 2025-01-23 | KWHotel 0.47 is vulnerable to CSV Formula Injection in the add guest function. |
| CVE-2024-47485 | Critical | 9.8 | 2024-10-18 | There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could build malicious data to generate executable com… |
| CVE-2024-29375 | Critical | 9.8 | 2024-04-04 | CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107 allows a remote attacker to execute arbitrary code via a crafted .ibnrs file to the Project Descript… |
| CVE-2023-51763 | Critical | 9.8 | 2023-12-24 | csv_builder.rb in ActiveAdmin (aka Active Admin) before 3.2.0 allows CSV injection. |
| CVE-2020-10131 | Critical | 9.8 | 2023-09-06 | SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter. |
| CVE-2023-4006 | Critical | 9.8 | 2023-07-31 | Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16. |
| CVE-2022-3574 | Critical | 9.8 | 2022-11-14 | The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could lead to CSV injection. |
| CVE-2022-3463 | Critical | 9.8 | 2022-11-07 | The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection |
| CVE-2022-22425 | Critical | 9.8 | 2022-11-03 | IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by… |
| CVE-2022-3393 | Critical | 9.8 | 2022-10-25 | The Post to CSV by BestWebSoft WordPress plugin through 1.4.0 does not properly escape fields when exporting data as CSV, leading to a CSV injection |
| CVE-2022-28481 | Critical | 9.8 | 2022-05-01 | CSV-Safe gem < 3.0.0 doesn't filter out special characters which could trigger CSV Injection. |
| CVE-2022-0142 | Critical | 9.8 | 2022-04-12 | The Visual Form Builder WordPress plugin before 3.0.8 is vulnerable to CSV injection allowing a user with low level or no privileges to inject a command that w… |