Published: 28/03/2018 Updated: 24/08/2020

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcyMailing extension prior to 5.9.6 for Joomla! via a value that is mishandled in a CSV export.

Vulnerable Product	Search on Vulmon	Subscribe to Product
acyba acymailing

Joomla Acymailing Starter component version 595 suffers from a CSV macro injection vulnerability ...

# Exploit Title: Joomla! Component Acymailing Starter 595 CSV Macro Injection # Google Dork: N/A # Date: 22-03-2018 ################################ # Exploit Author: Sureshbabu Narvaneni ################################ # Vendor Homepage: wwwacybacom # Software Link: extensionsjoomlaorg/extension/acymailing-starter/ # Affecte ...

CWE-1236 https://www.acyba.com/acymailing/change-log.html https://vel.joomla.org/resolved/2136-acymailing-5-9-5-csv-injection https://vel.joomla.org/articles/2140-introducing-csv-injection https://www.exploit-db.com/exploits/44369/https://nvd.nist.gov https://packetstormsecurity.com/files/146993/Joomla-Acymailing-Starter-5.9.5-CSV-Macro-Injection.html https://www.exploit-db.com/exploits/44369/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-9107

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect