Description
phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents.
Remediation
References
Related Vulnerabilities
MediaWiki Improper Input Validation Vulnerability (CVE-2017-8815)
WordPress Plugin Zotpress 'citation' Parameter Cross-Site Scripting (2.6.1)
PHP-Fusion Improper Privilege Management Vulnerability (CVE-2020-24949)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-1936)
WordPress Plugin Lazy content Slider Cross-Site Request Forgery (3.4)