ERPGo SaaS 3.9 CSV Injection...

- AV AC AU C I A
发布: 2023-01-23
修订: 2024-12-11

ERPGo is a software as a service (SaaS) platform that is vulnerable to CSV injection attacks. This type of attack occurs when an attacker is able to manipulate the data that is imported or exported in a CSV file, in order to execute malicious code or gain unauthorized access to sensitive information. This vulnerability can be exploited by an attacker by injecting specially crafted data into a CSV file, which is then imported into the ERPGo system. This can potentially allow the attacker to gain access to sensitive information, such as login credentials or financial data, or to execute malicious code on the system.

0%
当前有1条漏洞利用/PoC
当前有0条受影响产品信息