phpMyFAQ-3.1.12 CSV Injection

Mirabbas Agalarov
May 4, 2023


# Title:

phpMyFAQ-3.1.12 CSV Injection

# Vulnerability discovery:

This is a CSV injection vulnerability found in phpMyFAQ-3.1.12. This vulnerability was discovered by me on April 21, 2023.

# Description of the vulnerability:

phpMyFAQ is a mobile-friendly, feature-rich, scalable open source FAQ web app for PHP 8.
As you know, the administrator can import many kinds of site data in CSV format.
CSV injection can occur when input is not validated and user-supplied values are written directly into the CSV file: a spreadsheet application that opens the file treats a cell starting with a formula character (such as `=`) as a formula rather than as text.
A lack of input validation is the cause of almost all vulnerabilities of this kind.

# Affected Versions:

This version and all previous versions are affected.

# Step by Step Exploitation:

Step 1. Log in as a regular user.

Step 2. Go to the user control panel, change the name to `=calc|a!z|` and save.

Step 3. When the admin exports users as CSV and opens the file in a spreadsheet application, the CSV injection fires on the admin's computer and the calculator opens.

YouTube PoC: https://youtu.be/lXwaexX-1uU
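The fix the description points at is to neutralise formula-triggering cells before they reach the CSV writer, and the same check can be used to audit an export that already exists. The following is an added example, not phpMyFAQ's own code; it is written in Python rather than PHP to keep it self-contained, and the user records, the `export_users_csv` and `audit_csv` helper names and the sample user names are all constructed for illustration. The `neutralize=False` path reproduces the unsafe behaviour (user input copied verbatim into the file), the default path prefixes a single quote so spreadsheet applications read the cell as text.

```python
import csv
import io

# Leading characters that common spreadsheet applications interpret as the
# start of a formula (or a field separator/line break that can smuggle one).
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def is_formula_like(cell: str) -> bool:
    """True if a spreadsheet would treat this cell as a formula rather than text."""
    return cell.startswith(FORMULA_TRIGGERS)


def neutralize_cell(cell: str) -> str:
    """Prefix a single quote so the cell is rendered as literal text.

    The original value is kept verbatim after the quote, so nothing is lost.
    Trade-off: legitimate values such as "-5" or "+44 ..." are prefixed too;
    the exporter should convert genuine numeric columns separately.
    """
    if is_formula_like(cell):
        return "'" + cell
    return cell


def export_users_csv(users, neutralize=True) -> str:
    """Render user records as CSV text.

    neutralize=False mirrors the vulnerable behaviour (values written as-is);
    the default applies neutralize_cell to every field. QUOTE_ALL makes the
    csv module escape embedded separators and double quotes for us.
    """
    output = io.StringIO()
    writer = csv.writer(output, quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writerow(["id", "name", "email"])
    for user in users:
        row = [str(user["id"]), user["name"], user["email"]]
        if neutralize:
            row = [neutralize_cell(c) for c in row]
        writer.writerow(row)
    return output.getvalue()


def audit_csv(csv_text: str):
    """Scan an existing export and return (row, column, value) for every
    cell that would be interpreted as a formula. Useful for checking old
    exports or a user table after a fix has been deployed."""
    findings = []
    reader = csv.reader(io.StringIO(csv_text))
    for row_no, row in enumerate(reader, start=1):
        for col_no, cell in enumerate(row, start=1):
            if is_formula_like(cell):
                findings.append((row_no, col_no, cell))
    return findings


if __name__ == "__main__":
    # Constructed sample records: one benign user, one whose display name
    # is a harmless formula (it only evaluates 1+1) used to exercise the check.
    users = [
        {"id": 1, "name": "Alice", "email": "alice@example.com"},
        {"id": 2, "name": "=1+1", "email": "mallory@example.com"},
    ]
    print("unsafe export findings:", audit_csv(export_users_csv(users, neutralize=False)))
    print("safe export findings:  ", audit_csv(export_users_csv(users)))
```

In PHP the equivalent is to apply the same prefix check to each field before handing the row to `fputcsv`; an e-mail address like `alice@example.com` is not flagged because the `@` is not in the leading position, while a name that begins with `=`, `+`, `-` or `@` is.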
