ERPGo SaaS 3.9 CSV Injection

Posted by deepcore on January 24, 2023 – 1:23 am

ERPGo is a software as a service (SaaS) platform that is vulnerable to CSV injection attacks. This type of attack occurs when an attacker is able to manipulate the data that is imported or exported in a CSV file, in order to execute malicious code or gain unauthorized access to sensitive information. This vulnerability can be exploited by an attacker by injecting specially crafted data into a CSV file, which is then imported into the ERPGo system. This can potentially allow the attacker to gain access to sensitive information, such as login credentials or financial data, or to execute malicious code on the system.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Active eCommerce CMS 6.5.0 Cross Site Scripting Inout RealEstate 2.1.3 SQL Injection »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

ERPGo SaaS 3.9 CSV Injection

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL