CVE-2024-9102

Published at:
2024-12-19T14:15:06.327
Source: [email protected]

Global infos:

phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to export elements from the LDAP directory into a Comma-Separated Value (CSV) file, but it does not neutralize special elements that could be interpreted as a command when the file is opened by a spreadsheet product. Thus, this could lead to CSV Formula Injection.

CVE Status: Awaiting Analysis

References:

  • [email protected]
  • [email protected]
  • [email protected]
    •

    Metrics:

    No CVSS data available

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords