Remote command execution in fastreader ruby gem

Ruby gem fastreader-1.0.8 remote code exec 3/6/2013 if the url contains any ; characters code will be executed as the user. for example if fastreader is fed http://www.g;id;.com id will be executed. ./fastreader-1.0.8/lib/entrycontroller.rb .strip only removes whitespace before and after the URL...

Ruby Gem Fastreader 1.0.8 Command Execution Vulnerability

Ruby Gem Fastreader version 1.0.8 suffers from a remote command execution vulnerability due to a lack of user input sanitization. Ruby gem fastreader-1.0.8 remote code exec 3/6/2013 https://rubygems.org/gems/fastreader if the url contains any ; characters code will be executed as the user when a...