CSV Injection was discovered in ProjectSend before r1053, affecting victims who import the data into Microsoft Excel.
CWE-1236
CVE-2018-20752
An issue was discovered in Recon-ng before 4.9.5. Lack of validation in the modules/reporting/csv.py file allows CSV injection. More specifically, when a Twitter user possesses an Excel macro for a username, it will not be properly sanitized when exported to a CSV file. This can result in remote code execution for the attacker.
CVE-2018-20468
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has “export to excel features” that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution.
CVE-2018-19855
UiPath Orchestrator before 2018.3.4 allows CSV Injection, related to the Audit export, Robot log export, and Transaction log export features.
CVE-2018-1774
IBM API Connect 5.0.0.0, 5.0.8.4, 2018.1 and 2018.3.6 is vulnerable to CSV injection via the developer portal and analytics that could contain malicious commands that would be executed once opened by an administrator. IBM X-Force ID: 148692.
CVE-2018-16651
The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports.