To access the dashboard, Schedule scans, API and Search become a patron

Search for hundreds of thousands of exploits

"Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection"

Author

Exploit author

"Mufaddal Masalawala"

Platform

Exploit platform

php

Release date

Exploit published date

2020-11-10

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# Exploit Title: Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection
# Date: 2020-10-17
# Exploit Author: Mufaddal Masalawala
# Vendor Homepage: https://www.anuko.com/ <https://berrnd.de/>
# Software Link: https://www.anuko.com/time-tracker/index.htm
# Version: 1.19.23.5325
# Tested on: Kali Linux 2020.3
# CVE: CVE-2020-15255
# Proof Of Concept:
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in
Reports feature in Anuko Time Tracker v1.19.23.5311 via User, Project and
Note data field that is mistreated while exporting to a CSV file.
To exploit this vulnerability:

   1. Login to the application, goto 'User' module and edit the user
   2. Inject the payload *=rundll32|'URL.dll,OpenURL calc.exe'!A* in the
   'Name' field
   3. Goto 'Project' module, add a new project with the same malicious
   payload in the 'Name' field
   4. Goto 'Time' module, select our created User, Project and again enter
   the same payload in 'Note' field
   5. Enter the rest of the details and click 'Submit'
   6. Now goto 'Reports' click Generateand download the CSV file
   7. Open the CSV file, allow all popups and our payload is executed
   (calculator is opened).
Release Date Title Type Platform Author
2020-12-02 "Ksix Zigbee Devices - Playback Protection Bypass (PoC)" remote multiple "Alejandro Vazquez Vazquez"
2020-12-02 "ILIAS Learning Management System 4.3 - SSRF" webapps multiple Dot
2020-12-02 "aSc TimeTables 2021.6.2 - Denial of Service (PoC)" local windows "Ismael Nava"
2020-12-02 "Microsoft Windows - Win32k Elevation of Privilege" local windows nu11secur1ty
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality" webapps php "Mufaddal Masalawala"
2020-12-02 "Mitel mitel-cs018 - Call Data Information Disclosure" remote linux "Andrea Intilangelo"
2020-12-02 "ChurchCRM 4.2.0 - CSV/Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-12-02 "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)" webapps multiple "Mufaddal Masalawala"
2020-12-02 "IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path" local windows "Manuel Alvarez"
2020-12-02 "Pharmacy Store Management System 1.0 - 'id' SQL Injection" webapps php "Aydın Baran Ertemir"
Release Date Title Type Platform Author
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality" webapps php "Mufaddal Masalawala"
2020-12-02 "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)" webapps multiple "Mufaddal Masalawala"
2020-12-02 "ChurchCRM 4.2.0 - CSV/Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - Password Reset leading to Account Takeover" webapps php "Mufaddal Masalawala"
2020-12-01 "Tendenci 12.3.1 - CSV/ Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-11-10 "Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection" webapps php "Mufaddal Masalawala"
2020-09-07 "grocy 2.7.1 - Persistent Cross-Site Scripting" webapps php "Mufaddal Masalawala"
import requests
response = requests.get('https://www.nmmapper.com/api/v1/exploitdetails/49027/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.