CVE-2023-53929

HIGH

phpMyFAQ 3.1.12 - Authenticated CSV Injection via User Profile Export

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-53929. PoCs published by Mirabbas Ağalarov.

AI-analyzed exploit summary This exploit demonstrates a CSV injection vulnerability in phpMyFAQ v3.1.12. By manipulating a user's name field to include a malicious payload (e.g., =calc|a!z|), an attacker can trigger arbitrary command execution when an admin exports user data to CSV and opens it in a vulnerable spreadsheet application.

Description

phpMyFAQ 3.1.12 contains a CSV injection vulnerability that allows authenticated users to inject malicious formulas into their profile names. Attackers can modify their user profile name with a payload like 'calc|a!z|' to trigger code execution when an administrator exports user data as a CSV file.

Exploits (1)

exploitdb WORKING POC

by Mirabbas Ağalarov · textwebappsphp

https://www.exploit-db.com/exploits/51399

View Code ZIP pw:eip

This exploit demonstrates a CSV injection vulnerability in phpMyFAQ v3.1.12. By manipulating a user's name field to include a malicious payload (e.g., =calc|a!z|), an attacker can trigger arbitrary command execution when an admin exports user data to CSV and opens it in a vulnerable spreadsheet application.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: phpMyFAQ v3.1.12

Auth required

Prerequisites: User account with permission to modify profile name · Admin action to export user data as CSV

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Third Party Advisory exploit

https://www.exploit-db.com/exploits/51399

Product product

https://www.phpmyfaq.de/

Third Party Advisory third-party-advisory

https://www.vulncheck.com/advisories/phpmyfaq-csv-injection-via-user-profile-export

Scores

CVSS v3 8.8

EPSS 0.0007

EPSS Percentile 22.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-1236

Status published

Products (4)

phpmyfaq/phpmyfaq 3.1.12

phpmyfaq/phpmyfaq 0Packagist

Phpmyfaq/phpMyFAQ 3.1.12

thorsten/phpmyfaq 0Packagist

Published Dec 17, 2025

Tracked Since Feb 18, 2026