Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
excel vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-43984
Insecure permissions in Smart Soft advancedexport before v4.4.7 allow unauthenticated malicious users to arbitrarily download user information from the ps_customer table.
Advanced Export Products Orders Cron Csv Excel Project Advanced Export Products Orders Cron Csv Excel
NA
CVE-2023-5116
The Live updates from Excel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ipushpull_page' shortcode in versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes....
Ipushpull Live Updates From Excel
NA
CVE-2023-46346
In the module "Product Catalog (CSV, Excel, XML) Export PRO" (exportproducts) in versions up to 4.1.1 from MyPrestaModules for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions c...
Myprestamodules Exportproducts
NA
CVE-2023-36766
Microsoft Excel Information Disclosure Vulnerability
Microsoft Excel 2013
Microsoft Excel 2016
Microsoft Office Online Server -
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Office Long Term Servicing Channel 2021
NA
CVE-2023-4581
Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbi...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
NA
CVE-2023-36896
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Online Server -
Microsoft Office 2013
Microsoft Office 2016
Microsoft Office 2013 Rt
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Office Long Term Servicing Channel 2021
NA
CVE-2023-3527
A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which allows a user with administrative privileges to input crafted data which, when exported to a CSV file, may attempt arbitrary command execution on the system used to ...
Avaya Call Management System
NA
CVE-2023-22037
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: MS Excel Specific). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP...
Oracle Web Applications Desktop Integrator
NA
CVE-2023-33158
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Office 2021
Microsoft Office -
NA
CVE-2023-33161
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Office 2021
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »