PT-2024-36004 · Unzip-Bot · Unzip-Bot
Name of the Vulnerable Software and Affected Versions: unzip-bot versions prior to 7.0.3a Description: The issue allows users to exploit unsanitized inputs to inject malicious commands that are executed through subprocess.Popen with shell=True. Attackers can exploit this using a crafted archive...