| Titre | elunez eladmin ≤ 2.7 CSV/XLSX Injection(CWE-1236) |
|---|
| Description | In eladmin versions up to 2.7, 19 endpoints are vulnerable to CSV/XLSX injection, which can lead to sensitive information disclosure when malicious spreadsheet formulas are executed. |
|---|
| La source | ⚠️ https://github.com/elunez/eladmin/issues/886 |
|---|
| Utilisateur | ez-lbz (UID 87033) |
|---|
| Soumission | 10/08/2025 10:18 (il y a 11 mois) |
|---|
| Modérer | 20/08/2025 13:07 (10 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 320774 [elunez eladmin jusqu’à 2.7 exportUser élévation de privilèges] |
|---|
| Points | 15 |
|---|