CSV Injection Flaw in PHPJabbers Cleaning Business Software
CVE-2023-51331

6.5MEDIUM

Key Information:

Vendor: PHPJabbers
Status: Cleaning Business Software
Vendor: CVE Published:; 20 February 2025

What is CVE-2023-51331?

The Cleaning Business Software by PHPJabbers, specifically version 1.0, suffers from a CSV Injection vulnerability due to inadequate input validation in the Languages section Labels parameters of System Options. This oversight permits attackers to craft malicious CSV files that can execute unauthorized commands when opened. Organizations using this software should prioritize updating to secure their systems against potential exploits.

References

https://www.phpjabbers.com/cleaning-business-software/#se...

https://packetstorm.news/files/id/176509

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 20, 2025
Vulnerability Reserved
Dec 18, 2023