CSV Injection while exporting users in thorsten/phpmyfaq
Jun 30th 2023
1. An admin adds a user, or a user signs up.
2. The user logs in and edits their own profile.
3. The user changes their real name to "=1+cmd|'/C calc'!A0".
4. The admin exports the users as a CSV file.
5. The admin opens the CSV and we can see that the calculator is opened.
See https://owasp.org/www-community/attacks/CSV_Injection for how to fix it.
Impact:
- Hijacking the user's computer
- Exfiltrating contents from the spreadsheet, or other open spreadsheets
Exporting comments is also vulnerable.
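A mitigation example, added here and not taken from phpMyFAQ's code: it applies the OWASP neutralisation (prefix a single quote to any cell starting with =, +, -, @, tab or CR, then quote every cell) to a user export containing the real name from step 3. The column names and sample users are assumptions for the demonstration; the same logic applies to the comments export.

```python
import csv
import io

# Leading characters that make Excel/LibreOffice evaluate a cell as a
# formula (per the OWASP CSV Injection page).
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def neutralize_cell(value):
    """Return a cell value that a spreadsheet will display as literal text.

    A leading single quote forces text interpretation, so the formula is
    never evaluated. Values like "-5" also get the prefix; that is the
    accepted trade-off of this defence. Quoting and doubling of embedded
    double quotes is left to the csv module.
    """
    text = "" if value is None else str(value)
    if text.startswith(FORMULA_TRIGGERS):
        return "'" + text
    return text


def export_users_csv(users):
    """Build the CSV export (header plus one row per user) with every cell
    neutralised. Column names are assumed, not phpMyFAQ's real schema."""
    columns = ("id", "login", "realname", "email")
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writerow(columns)
    for user in users:
        writer.writerow([neutralize_cell(user[col]) for col in columns])
    return buf.getvalue()


# Constructed sample data; the second user's real name is the payload
# from step 3 of the report.
SAMPLE_USERS = [
    {"id": 1, "login": "alice", "realname": "Alice Example",
     "email": "alice@example.test"},
    {"id": 2, "login": "mallory", "realname": "=1+cmd|'/C calc'!A0",
     "email": "mallory@example.test"},
]

if __name__ == "__main__":
    # The exported realname cell reads "'=1+cmd|'/C calc'!A0" and opens as text.
    print(export_users_csv(SAMPLE_USERS))
```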