csv   8734

« earlier    

The Absurdly Underestimated Dangers of CSV Injection
Any cell that starts with an = is treated as a formula.
You can then execute any formula function.
security  excel  google  csv  injection 
3 days ago by drmeme
The Absurdly Underestimated Dangers of CSV Injection
In some ways this is old news, but in other ways…well, I think few realize how absolutely devastating and omnipresent this vulnerability can be. It is an attack vector available in every application I’ve ever seen that takes user input and allows administrators to bulk export to CSV.
csv  excel  google  security 
4 days ago by ssorc
How to write to utf-8 encoding format using CommaTextIo Class
A few months back, I had written a basic post on How to export csv data from AX using CommaTextIO Class

Now, we had a requirement to output the file in utf-8 encoding format and the credit for this post goes to Super Mario (Read below to find who Super Mario is ;-) ..) for his tip which I'm sharing with you all.
ax  ax-export  tips  csv 
5 days ago by torben
DT: An R interface to the DataTables library
Provides an R interface to the JavaScript library DataTables. R data objects (matrices or data frames) can be displayed as tables on HTML pages, and DataTables provides filtering, pagination, sorting, and many other features in the tables.
r  shiny  dashboard  utility  datatable  tabular  csv 
5 days ago by mjlassila
The Absurdly Underestimated Dangers of CSV Injection
You can include an arbitrary formula, VBA script, or even shell command in a CSV file and MS Excel will execute it at load time with the current user's privileges. Oy.

You can't do this with Google Sheets, but you *can* send all the data in the spreadsheet, and any others that user can reach, to some x-random URI. This is not much nicer.
security  excel  csv  shellinjection 
5 days ago by yorksranter

« earlier    

related tags

(popular  @article  algolia  api  app  appending  attack  ax-export  ax  backend  cli  code  column  command  conversion  converter  csv_injection  csvconf  dashboard  data  database  dataset  datatable  db  dev  documentation  drone  editor  example  excel  exel  export  file  free  generator  georgemauer  git  github  google-docs  google  googlesheets  guide  hack  hacking  hn  howto  ics  ifttt  import  importexport  injection  insert  java  javascript  jdbc  jq  js  json  k  kdb+  keep  latex  leading  league  leaguecsv  library  linux  mac  manual  micirosoft  mode  mysql  nodejs  office  open  opendata  opensource  osx  pandas  parser  pentesting  php  pivot  plain  pmid  pocket  postgresql  prevent  programming  python  q  r  react  read  reading  record  records  reference  regex  rust  script  search  security  select  sharing  sheets  shell  shellinjection  shiny  software  solution  spreadsheet  spreadsheets  sql  sqlite3  stackoverflow  standard  stream  table  tabular  text  textprocessing  thephpleague  tips  to  tonews  tool  tools  trojan  tsp  tsv  tutorial  unix  utility  v8  vector  viewer  visual  vulnerability  webdev  webdevel  webdevtools  whoa  workaround  writing  zeroes  zeros 

Copy this bookmark: