phpMyFAQ v3.1.12 – CSV Injection

Exploit Database
14 阅读

作者： Mirabbas Ağalarov

日期： 2023-05-02
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/51399/

Exploit Title: phpMyFAQ v3.1.12 - CSV Injection
Application: phpMyFAQ
Version: 3.1.12
Bugs:CSV Injection
Technology: PHP
Vendor URL: https://www.phpmyfaq.de/
Software Link: https://download.phpmyfaq.de/phpMyFAQ-3.1.12.zip
Date of found: 21.04.2023
Author: Mirabbas Ağalarov
Tested on: Windows


2. Technical Details & POC
========================================
Step 1. login as user
step 2. Go to user control panel and change name as =calc|a!z| and save
step 3. If admin Export users as CSV ,in The computer of adminoccurs csv injection and will open calculator

payload: calc|a!z|
Poc video:https://youtu.be/lXwaexX-1uU

last Exploits
phpMyFAQ v3.1.12 – CSV Injection的更多信息

Alienor Web Libre 2.0 – SQL Injection：
Subrion 4.2.1 – ‘Email’ Persistant Cross-Site Scripting：
WordPress Plugin WP Featured Post with Thumbnail 3.0 – ‘src’ Cross-Site Scripting：
qdPM 9.1 – ‘cfg[app_app_name]’ Persistent Cross-Site Scripting：
IBM Websphere Application Server 7.0.0.13 – Cross-Site Request Forgery：
MyBB KingChat Plugin – Persistent Cross-Site Scripting：
PHP-Nuke 7.0/8.1/8.1.35 – Wormable Remote Code Execution：
Intellinet IP Camera INT-L100M20N – Unauthorized Admin Credential Change：