csv injection - ZeroSec - Adventures In Information Security

Delivering Many a Payload via CSRF

CSRF Is still an issue in 2018, with some interesting payload delivery methods. Chaining vulns and some more on CSV Injection too!

CSV Injection -> Meterpreter on Pornhub

Jul 29, 2016 2 min read bugbounty bug pornhub csv injection injection cell injection RCE meterpreter

This post will discuss an issue I found regarding CSV injection on Pornhub.com, allowing a remote attacker to inject malicious code into video titles resulting in potential full compromise of content creators

CSV Injection Revisited - Making Things More Dangerous(and fun)

Jul 22, 2016 4 min read bugbounty csv injection injection mitigations cell injection RCE meterpreter

In this post, I will discuss several methods and remediation steps that can be used to help escape and mitigate CSV [https://support.office.com/en-gb/article/Import-or-export-text-txt-or-csv-files-5250ac4c-663c-47ce-937b-339e391393ba] (Comma separated values) injection type