VYPR
Critical severity9.6OSV Advisory· Published Sep 7, 2018· Updated Jun 17, 2026

CVE-2018-15474

CVE-2018-15474

Description

CSV Injection (aka Excel Macro Injection or Formula Injection) in /lib/plugins/usermanager/admin.php in DokuWiki 2018-04-22a and earlier allows remote attackers to exfiltrate sensitive data and to execute arbitrary code via a value that is mishandled in a CSV export. NOTE: the vendor has stated "this is not a security problem in DokuWiki.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • Range: release-2005-07-01, release-2005-07-13, release-2005-09-19, …

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.