1 results (0.006 seconds)
CVSS: 7.8EPSS: 8%CPEs: 1EXPL: 1
CVSS: 7.8EPSS: 8%CPEs: 1EXPL: 1CVE-2018-10063 – Joomla! Convert Forms version 2.0.3 - Formula Injection (CSV Injection)
https://notcve.org/view.php?id=CVE-2018-10063
The Convert Forms extension before 2.0.4 for Joomla! is vulnerable to Remote Command Execution using CSV Injection that is mishandled when exporting a Leads file. La extensión Convert Forms, en versiones anteriores a la 2.0.4 para Joomla!, es vulnerable a la ejecución remota de comandos empleando una inyección CSV que se gestiona de manera incorrecta al exportar un archivo Leads. Joomla Convert Forms extension version 2.0.3 suffers from a CSV formula injection vulnerability. • https://www.exploit-db.com/exploits/44447 https://extensions.joomla.org/extensions/extension/contacts-and-feedback/forms/convert-forms https://www.tassos.gr/blog/convert-forms-2-0-4-security-release •