← back
CVE-2018-9107

CVE-2018-9107

EPSS 7.4%
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/44369/unverifiedexploitdbwww.exploit-db.com/exploits/44369unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://vel.joomla.org/articles/2140-introducing-csv-injectionhttps://vel.joomla.org/resolved/2136-acymailing-5-9-5-csv-injectionhttps://www.acyba.com/acymailing/change-log.htmlhttps://www.exploit-db.com/exploits/44369/