CSV Injection Vulnerability in phpMyAdmin by phpMyAdmin Development Team
CVE-2020-22278
8.8HIGH
What is CVE-2020-22278?
A vulnerability exists in phpMyAdmin versions up to 5.0.2 that allows for the execution of CSV injection attacks via the Export Section. Attackers can manipulate the CSV file output, potentially leading to unauthorized command execution in the context of the user opening the file. Although the vendor asserts that the generated CSV file accurately reflects the database contents, the risk of CSV injection must be addressed to ensure user safety and data integrity.