We have a simple php file that captures emails. It drops these emails into a csv file (which is not executable by php). We recently had someone who managed to hack our site and this seemed like one of the entry points, but I don't see how it's possible. Here's the script:
$fh = fopen('cap.csv', 'a+');
fwrite($fh, "\r".$_GET['email']);
fclose($fh);
Pretty basic right? Is there anyway you can think of to exploit this?
Yes, but probably not what you are looking for.
The only things I could do are:
It won't allow me to execute anything, or gain access to anything though. (Unless you process it and cause an leak somewhere else). But still - make this secure!