OS Command Injection
File Browser is vulnerable to OS command injection. The vulnerability is due to unsanitized variable substitution in the hook system, where attacker-controlled filenames containing shell metacharacters are expanded into administrator-defined shell commands, allowing attackers to execute arbitrary...