Command Injection
Overview enpeem is a lightweight wrapper for accessing npm programmatically alternative to adding npm as a dependency Affected versions of this package are vulnerable to Command Injection. The options.dir argument is provided to the exec function without any sanitization. PoC By JHU System Securi...