csv – WindowsTechs.com

Preventing CSV Injection

Posted on October 29, 2024 by Ordiel

I am creating an application that takes information from another system and writes reports in CSV format. I am trying to mitigate CSV Injection vulnerabilities on it. I have done some research and I got started with OWASP – CSV Injection w… Continue reading Preventing CSV Injection→

Bringing Pro-Level Data Recording to RC Racing

Posted on August 4, 2019 by Tom Nardi

We’re all familiar with the “Black Box” used on commercial aircraft, the flight data recorder which captures the minutia of each and every flight on the off-chance that it’s needed in the event of an accident. But even in less dire circumstances, the complete record of the aircraft’s performance versus …read more

Continue reading Bringing Pro-Level Data Recording to RC Racing→

What security implications are involved when using a CSV file to fill a SQL table?

Posted on July 31, 2019 by techguy1029

I have some data on CSV files and I want automate the input of this data into an SQL database using Powershell. The data is mostly, if not completely, numbers.

I am using a script based on the one found here:
SIMPLE POWERSH… Continue reading What security implications are involved when using a CSV file to fill a SQL table?→

Live Apollo 11 Transcript On eInk Display

Posted on July 18, 2019 by Tom Nardi

There are few moments in history that have ever been recorded in more detail or analyzed as thoroughly as the Apollo 11 mission to the Moon. Getting three men to our nearest celestial neighbor and back in one piece took a lot of careful planning, and recording every moment of …read more

Continue reading Live Apollo 11 Transcript On eInk Display→

Guidance on Brute-Force Attacks on Multiple files

Posted on July 15, 2019 by Harrison

I have been running a brute force attack on multiple zip files with multiple .csv in them. Though I can see the file name and size, when I try to open the .csv it prompts me with a password. After letting it run for a few day… Continue reading Guidance on Brute-Force Attacks on Multiple files→

Can ClamAV detect CSV Injection?

Posted on March 12, 2019 by Ben

I’m allowing users to upload CSV files. Other users can download these files. I’m aware that CSV could be an attack vector.

Would a ClamAV (or other AV) scan offer protection against such a file?

Any scan would happen only … Continue reading Can ClamAV detect CSV Injection?→

File upload attack vectors when file is not saved to disk

Posted on March 7, 2019 by user2864874

I’m curious to know if there are any significant threats presented by files which are uploaded and read but are never saved to disk? I’ve read countless articles about file uploads regarding storage and retrieval of the file… Continue reading File upload attack vectors when file is not saved to disk→

What are some examples of injection attacks into databases that abuse common programs besides SQL?

Posted on February 6, 2019 by Selkie

Most data validation deals with SQL injection attacks. My question is, what other types of injection types are there that use common programs, and what are good defenses against them?

Continue reading What are some examples of injection attacks into databases that abuse common programs besides SQL?→

Adwind RAT Scurries By AV Software With New DDE Variant

Posted on September 24, 2018 by Lindsey O'Donnell

The spam campaign mostly targets victims in Turkey and Germany. Continue reading Adwind RAT Scurries By AV Software With New DDE Variant→

Preventing dangerous CSV Formula Injection

Posted on August 2, 2018 by Yuu

I have a form that takes user input and records them in a table. My form sanitizes user input by deleting certain characters (mentioned below). I can export a CSV of the table, which outputs the cells as it is.

The correct … Continue reading Preventing dangerous CSV Formula Injection→