Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
excel vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-38337
The RSVPMaker Excel WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/phpexcel/PHPExcel/Shared/JAMA/docs/download.php file which allows malicious users to inject arbitrary web scripts, in versions up ...
Carrcommunications Rsvpmaker Excel
5
CVSSv2
CVE-2021-34676
Basix NEX-Forms up to and including 7.8.7 allows authentication bypass for Excel report generation.
Basixonline Nex-forms
6.8
CVSSv2
CVE-2021-34518
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Web Apps Server 2013
Microsoft Excel 2013
Microsoft Excel 2016
6.8
CVSSv2
CVE-2021-34501
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel 2013
Microsoft Excel 2016
Microsoft Office Online Server -
Microsoft Office 2019
Microsoft 365 Apps -
6.8
CVSSv2
CVE-2020-25445
The “Subscribe” feature in Ultimate Booking System Booking Core 1.7.0 is vulnerable to CSV formula injection. The input containing the excel formula is not being sanitized by the application. As a result when admin in backend download and open the csv, content of the ...
Bookingcore Booking Core 1.7.0
6.5
CVSSv2
CVE-2021-27489
ZOLL Defibrillator Dashboard, v before 2.2, The web application allows a non-administrative user to upload a malicious file. This file could allow an malicious user to remotely execute arbitrary commands.
Zoll Defibrillator Dashboard
1 Article
2.1
CVSSv2
CVE-2021-27481
ZOLL Defibrillator Dashboard, v before 2.2, The affected products utilize an encryption key in the data exchange process, which is hardcoded. This could allow an malicious user to gain access to sensitive information.
Zoll Defibrillator Dashboard
1 Article
6.8
CVSSv2
CVE-2021-31939
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel 2013
Microsoft Excel 2016
Microsoft Office 2013
Microsoft Office Web Apps Server 2013
Microsoft Office Online Server -
Microsoft Office 2016
Microsoft Office 2019
Microsoft 365 Apps -
6.8
CVSSv2
CVE-2021-31941
Microsoft Office Graphics Remote Code Execution Vulnerability
Microsoft Office 2013
Microsoft Office 2016
Microsoft Outlook 2013
Microsoft Office 2019
Microsoft 365 Apps -
4
CVSSv2
CVE-2021-31339
A vulnerability has been identified in Mendix Excel Importer Module (All versions < V9.0.3). Uploading a manipulated XML File results in an exception that could expose information about the Application-Server and the used XML-Framework.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »