logo

Database

CSV injection In thorsten/phpmyfaq

Description

phpMyFAQ Improper Neutralization of Formula Elements in a CSV File vulnerability Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2023-40062. NVD-2023-40063. OSV-2023-40064. GCVE-2023-4006

References

1. https://github.com/thorsten/phpmyfaq/commit/03946eca488724251eaed8d9d36fed92e6d8fd222. https://huntr.dev/bounties/36149a42-cbd5-445e-a371-e351c899b189

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.