CVE-2024-9102
PHP LDAP Admin (phpLDAPadmin) versions 1.2.0 through 1.2.6.7 are vulnerable to CSV Formula Injection when exporting directory entries to CSV, because the export path does not neutralize elements that can be interpreted as commands by spreadsheet apps. This can allow an attacker-controlled data el...