Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist

phpoffice/phpspreadsheet

packagist

PHPSpreadsheet - Read, Create and Write Spreadsheet documents in PHP - Spreadsheet engine

View on github.com · View on packagist.org

Security Advisories for phpoffice/phpspreadsheet in packagist

High
about 2 months ago

PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser GSA_kwCzR0hTQS1yeDdtLTY4dmMtcHB4aM4ABLZU

packagist phpoffice/phpspreadsheet
Moderate
9 months ago

PhpSpreadsheet allows bypassing of XSS sanitizer using the javascript protocol and special characters GSA_kwCzR0hTQS1yNTdoLTU0N2gtdzI0Zs4ABEF_

packagist phpoffice/phpspreadsheet
Moderate
9 months ago

Cross-Site Scripting (XSS) vulnerability in generateNavigation() function in PhpSpreadsheet GSA_kwCzR0hTQS03OXh4LXZmOTMtcDdjeM4ABDo3

packagist phpoffice/phpspreadsheet
Moderate
10 months ago

PhpSpreadsheet allows bypass XSS sanitizer using the javascript protocol and special characters GSA_kwCzR0hTQS1xOWp2LW1tM3ItajQ3cs4ABC8m

packagist phpoffice/phpspreadsheet
Moderate
10 months ago

PhpSpreadsheet has a Cross-Site Scripting (XSS) vulnerability of the hyperlink base in the HTML page header GSA_kwCzR0hTQS1od2NwLTJoMzUtcDY2d84ABC8l

packagist phpoffice/phpspreadsheet
Moderate
10 months ago

PhpSpreadsheet has a Cross-Site Scripting (XSS) vulnerability in custom properties GSA_kwCzR0hTQS13djIzLTk5NnYtcTIyOc4ABC8k

packagist phpoffice/phpspreadsheet
High
10 months ago

PhpSpreadsheet allows unauthorized Reflected XSS in Currency.php file GSA_kwCzR0hTQS1qMnhnLWNqY3gtNDY3N84ABC8j

packagist phpoffice/phpspreadsheet
High
10 months ago

PhpSpreadsheet allows unauthorized Reflected XSS in the Accounting.php file GSA_kwCzR0hTQS1jNmZ2LTd2aDgtMnJocs4ABC8i

packagist phpoffice/phpspreadsheet
High
10 months ago

PhpSpreadsheet allows unauthorized Reflected XSS in the constructor of the Downloader class GSA_kwCzR0hTQS1qbXB4LTY4NnYtYzN3eM4ABC8h

packagist phpoffice/phpspreadsheet
High
10 months ago

PhpSpreadsheet allows unauthorized Reflected XSS in `Convert-Online.php` file GSA_kwCzR0hTQS14ODhnLWg5NTYtbTV4Z84ABC8c

packagist phpoffice/phpspreadsheet
High
11 months ago

XXE in PHPSpreadsheet's XLSX reader GSA_kwCzR0hTQS03Y2M5LWo0bXYtdmNqcM4ABBeQ

packagist phpoffice/phpspreadsheet
High
11 months ago

XmlScanner bypass leads to XXE GSA_kwCzR0hTQS1qdzR4LXY2OWYtaGg1d84ABBeP

packagist phpoffice/phpspreadsheet
High
about 1 year ago

XXE in PHPSpreadsheet's XLSX reader GSA_kwCzR0hTQS02aHdyLTZ2MmYtM204OM4ABABf

packagist phpoffice/phpspreadsheet
Moderate
about 1 year ago

PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via JavaScript hyperlinks GSA_kwCzR0hTQS1yOHc4LTc0d3ctajR3aM4ABABe

packagist phpoffice/phpspreadsheet
Moderate
about 1 year ago

PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery in HTML writer when embedding images is enabled GSA_kwCzR0hTQS13OXh2LXFmOTgtY2NxNM4ABABd

packagist phpoffice/phpspreadsheet
High
about 1 year ago

PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery when opening XLSX file GSA_kwCzR0hTQS01Z3ByLXcycDUtNm0zN84ABABc

packagist phpoffice/phpspreadsheet
Moderate
about 1 year ago

PhpSpreadsheet has an Unauthenticated Cross-Site-Scripting (XSS) in sample file GSA_kwCzR0hTQS12NjZnLXA5eDYtdjk4cM4ABAA1

packagist phpoffice/phpspreadsheet
High
about 1 year ago

XXE in PHPSpreadsheet encoding is returned GSA_kwCzR0hTQS1naGc2LTMyZjktMmpwN84AA_B0

packagist phpoffice/phpspreadsheet
Moderate
about 1 year ago

PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via style information GSA_kwCzR0hTQS13Z21mLXE5dnItdnd3Ns4AA_Bz

packagist phpoffice/phpspreadsheet
Moderate
over 4 years ago

Cross-site scripting in phpoffice/phpspreadsheet MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRtcXYtZ2NyMy1wZmY5

packagist phpoffice/phpspreadsheet
High
almost 6 years ago

XXE in PHPSpreadsheet due to incomplete fix for previous encoding issue MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ2d3YtaDY5bS13ZzZm

packagist phpoffice/phpspreadsheet
High
almost 6 years ago

XXE in PHPSpreadsheet due to encoding issue MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjcmctMjloNy1oNGNq

packagist phpoffice/phpspreadsheet

Filter by Severity

High 12 Moderate 10