csv injection - ZeroSec - Adventures In Information Security

csv injection

A collection of 3 posts

Delivering Many a Payload via CSRF

Delivering Many a Payload via CSRF

CSRF Is still an issue in 2018, with some interesting payload delivery methods. Chaining vulns and some more on CSV Injection too!

CSV Injection -> Meterpreter on Pornhub

CSV Injection -> Meterpreter on Pornhub

This post will discuss an issue I found regarding CSV injection on Pornhub.com, allowing a remote attacker to inject malicious code into video titles resulting in potential full compromise of content creators and other users. Note: Pornhub have advised that they will no longer be rewarding for this type

CSV Injection Revisited - Making Things More Dangerous(and fun)

CSV Injection Revisited - Making Things More Dangerous(and fun)

In this post, I will discuss several methods and remediation steps that can be used to help escape and mitigate CSV [https://support.office.com/en-gb/article/Import-or-export-text-txt-or-csv-files-5250ac4c-663c-47ce-937b-339e391393ba] (Comma separated values) injection type attacks. For those of you who may not know what CSV injection is or how it occurs,