HackerOne
hackerone.com › blog › how-command-injections
How To: Command Injections | HackerOne
July 7, 2017 - A command injection is a class of vulnerabilities where the attacker can control one or multiple commands that are being executed on a system. This post will go over the impact, how to test for it, defeating mitigations, and caveats.
HackerOne
hackerone.com › reports › 497312
Notepad++ disclosed on HackerOne: Command injection by setting a...
**Summary:** Arbitrary commands can be injected when using the "Search on Internet" function with a malicious custom search engine. The custom search engine can be set through the GUI or the config files, with different attack scenarios.
HackerOne
hackerone.com › reports › 685447
Report #685447 - gitlabhook OS Command Injection
It allows execution of arbitrary code on the remote server that waits for instructions from GitLab. # Module **module name:** gitlabhook **version:** 0.0.17 **npm page:** `https://www.npmjs.com/package/gitlabhook` ## Module Description ...
HackerOne
hackerone.com › reports › 951249
[freespace] Command Injection due to Lack of Sanitization
It allows an attacker to inject and execute shell commands on Unix based systems. # Module **module name:** freespace **version:** 1.0.4 **npm page:** `https://www.npmjs.com/package/freespace` ## Module Description A library ...
HackerOne
hackerone.com › reports › 690010
Node.js third-party modules disclosed on HackerOne: OS Command...
I would like to report an **OS Command Injection** vulnerability in [Jison](https://www.npmjs.com/package/jison) in the parser ports *(CSharp, PHP)*. It allows arbitrary OS shell command execution through a crafted command-line argument. # Basic ...
HackerOne
hackerone.com › reports › 389561
Node.js third-party modules disclosed on HackerOne: Command...
It allows an attacker to inject arbitrary commands. # Module **module name:** kill-port **version:** 1.3.1 **npm page:** `https://www.npmjs.com/package/kill-port` ## Module Description Kill the process running on given port ...
HackerOne
hackerone.com › reports › 1161691
Ruby disclosed on HackerOne: OS Command Injection in 'rdoc'...
Details: If the `remove_unparseable` function receives a list of files with a command in the name of one of them, it will be executed. It is enough for the name to match the pattern. The problem code: ```ruby def remove_unparseable files files.reject ...
HackerOne
hackerone.com › reports › 680480
U.S. Dept Of Defense disclosed on HackerOne: Command Injection (via...
**Summary:** The Navy has a Pulse Secure SSL VPN (https://████████/dana-na/auth/url_default/welcome.cgi) that is vulnerable to: CVE-2019-11510 - Pre-auth Arbitrary File Reading; CVE-2019-11539 - Post-auth Command Injection. Vulnerable hostname from SSL certificate: ██████████.navy.mil. The pre-auth arbitrary file reading vulnerability (CVE-2019-11510) enables an unauthenticated user to read the...
HackerOne
hackerone.com › reports › 294462
Ruby disclosed on HackerOne: NET::Ftp allows command injection in...
Hi, while using NET::Ftp I realised you could get command execution through "malicious" file names. The problem lies in the `gettextfile(remotefile, localfile = File.basename(remotefile))` method.
HackerOne
hackerone.com › reports › 651518
Ruby disclosed on HackerOne: OS Command Injection via egrep in...
When a file whose name starts with `|` is in `Rake::FileList`, `egrep` will execute the command. # How to reproduce The PoC (`poc_rake.rb`) is the following.
HackerOne
hackerone.com › reports › 327512
Ruby disclosed on HackerOne: Potential command injection in...
As `Shell#test` and `Shell#[]` use `send` when transferring to FileTest, private methods etc. can also be called. Therefore, command injection is possible when a crafted value is passed. ```ruby $...
HackerOne
hackerone.com › reports › 495382
Notepad++ disclosed on HackerOne: No SearchEngine sanatizing can...
## Information: **Summary:** Notepad++ is vulnerable to a command injection vulnerability. **Debug Info:** Notepad++ v7.6.3 (32-bit) Build time : Jan 27 2019 - 17:20:30 Path : C:\Program Files (x86)\Notepad++\notepad++.exe Admin mode : ON Local Conf mode : OFF OS : Windows 10 (64-bit) Plugins : none **Description:** When launching the web browser with the defined `SearchEngine`, the...
HackerOne
hackerone.com › reports › 298873
GitLab disclosed on HackerOne: Command injection by overwriting...
The `Projects::GitlabProjectsImportService` contains a vulnerability that allows an attacker to write files to arbitrary directories on the server. This leads to an arbitrary command execution vulnerability by overwriting the `authorized_keys` file.
HackerOne
hackerone.com › reports › 2904921
curl disclosed on HackerOne: OS Command Injection (subprocess...
**Summary** The Bandit tool flagged the usage of the `subprocess` module in the file `curl.py` under the **B404:blacklist rule**. This rule highlights potential security risks associated with using the subprocess module without proper sanitization ...
HackerOne
hackerone.com › reports › 871071
Node.js third-party modules disclosed on HackerOne: [gfc] Command...
I would like to report a `Command Injection` issue in the `gfc` module. It allows execution of arbitrary commands on the victim's PC. # Module **module name:** `gfc` **version:** `2.0.2` **npm page:** `https://www.npmjs.com/package/gfc` ## Module ...
HackerOne
hackerone.com › reports › 212696
Imgur disclosed on HackerOne: RCE by command line argument...
### Summary The `y` parameter of `/edit/process` endpoint (with `a=crop`) is vulnerable to command-line argument injection to something that appears to be GraphicsMagick utility (probably `gm convert`). Due to GraphicsMagick's hacker-friendly processing of `|`-starting filenames supplied to `-write` option, it leads to command execution.