Vulnerabilities > CVE-2018-16651 - Improper Neutralization of Formula Elements in a CSV File vulnerability in PHPmyfaq
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports.