Bypass fix in https://hackerone.com/reports/151516 report.
Severity: Low
Ian Dunn
Reported by 0x01alka
Vulnerability Details
Hi.
**Steps to reproduce:**
1. The same as in the previous https://hackerone.com/reports/151516 report.
2. But the payload to bypass your fix would be like this: `;=cmd|' /C calc'!A0`
**Solution:**
1. Add `;` in your escape function esc_csv() on line 2858 of camptix.php
**References:**
1. https://www.owasp.org/index.php/CSV_Excel_Macro_Injection
Tested on Windows 7 64-bit + Microsoft Office Excel 2003 (I think it will work on later versions too).
Regards.
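The fix the report asks for is a matter of which leading characters the CSV escaper treats as formula triggers. The following is an added example in Python, not CampTix's esc_csv() and not the reporter's code: `esc_csv_legacy` is an assumed stand-in for an escaper that only knows the classic `=`, `+`, `-`, `@` set, and `esc_csv_fixed` adds `;` (per this report) plus tab and carriage return (per the OWASP reference). Numeric cells are passed through unchanged so that a leading minus sign on a real number is not mangled. The payload from the report is used only as a test input to show that the legacy escaper lets it through while the fixed one neutralizes it.

```python
import re

# Leading characters that Excel/LibreOffice may interpret as the start of a
# formula. The legacy set is an assumption about what a pre-report escaper
# covered; the fixed set adds ';' (this report), tab and CR (OWASP list).
LEGACY_TRIGGERS = ("=", "+", "-", "@")
FIXED_TRIGGERS = ("=", "+", "-", "@", ";", "\t", "\r")

# Plain integers/decimals stay unescaped: a leading '-' there is a minus sign.
NUMBER_RE = re.compile(r"^-?\d+(\.\d+)?$")


def _quote(text: str) -> str:
    """Wrap a cell in double quotes and double any embedded quotes, so the
    cell cannot break out of its column or inject a new row."""
    return '"' + text.replace('"', '""') + '"'


def _escape(value, triggers) -> str:
    text = "" if value is None else str(value)
    if NUMBER_RE.match(text):
        return text
    if text.startswith(triggers):
        # A leading apostrophe forces the spreadsheet to treat the cell as text.
        text = "'" + text
    return _quote(text)


def esc_csv_legacy(value) -> str:
    """Escaper with the classic trigger set only (assumed pre-fix behaviour)."""
    return _escape(value, LEGACY_TRIGGERS)


def esc_csv_fixed(value) -> str:
    """Escaper with ';', tab and CR added to the trigger set."""
    return _escape(value, FIXED_TRIGGERS)


def rows_to_csv(rows, escaper=esc_csv_fixed) -> str:
    """Serialize a list of rows with the given cell escaper (CRLF line ends)."""
    return "\r\n".join(",".join(escaper(cell) for cell in row) for row in rows) + "\r\n"


def is_neutralized(cell: str) -> bool:
    """True when the escaped cell, once unquoted, no longer starts with a
    character a spreadsheet would treat as a formula trigger."""
    inner = cell[1:-1] if cell.startswith('"') and cell.endswith('"') else cell
    return not inner.startswith(FIXED_TRIGGERS)


if __name__ == "__main__":
    # Constructed export with the payload from the report as one cell.
    sample = [["name", "note"], ["alice", ";=cmd|' /C calc'!A0"], ["bob", "-42"]]
    print("legacy escaper:\n" + rows_to_csv(sample, esc_csv_legacy))
    print("fixed escaper:\n" + rows_to_csv(sample, esc_csv_fixed))
```

The apostrophe prefix is the mitigation OWASP describes; its known cost is that the apostrophe is displayed literally when the CSV is opened, which is why numeric cells are exempted rather than blindly prefixed.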
Report Details
State: Closed
Substate: Resolved
Bounty: $100.00
Weakness: Command Injection - Generic