Event Registration App is a JavaScript application for registering event participants by Carlo Monteroβs personal developer. v1.0 of the Carlo Montero Event Registration App is vulnerable to CSV injection, which stems from improper use of the formula elements in the First Name, Contact and Remarks fields, and can be exploited to execute arbitrary code via a crafted excel file to execute arbitrary code.