CVE-2020-22278

phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents.
Configurations

Configuration 1 (hide)

cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*

History

07 Nov 2023, 03:19

Type Values Removed Values Added
Summary ** DISPUTED ** phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents." phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents.

Information

Published : 2020-11-04 17:15

Updated : 2024-03-21 02:36


NVD link : CVE-2020-22278

Mitre link : CVE-2020-22278

CVE.ORG link : CVE-2020-22278


JSON object : View

Products Affected

phpmyadmin

  • phpmyadmin
CWE
CWE-1236

Improper Neutralization of Formula Elements in a CSV File