4 matches found
CVE-2020-28424
creationtimestamp| type| source ---|---|--- 2022-08-02 18:18:00+00:00| seen| https://t.me/cibsecurity/47415...
CVE-2020-28424
This affects all versions of package s3-kilatstorage...
CVE-2020-28424 Command Injection
This affects all versions of package s3-kilatstorage...
CVE-2020-28424
CVE-2020-28424 affects all versions of the npm package s3-kilatstorage. The root cause is lack of input sanitization in the code that invokes a shell command (using s3cmd), enabling potential arbitrary command execution. PoC demonstrates injecting commands via an argument to makeBucket(); no fixe...