Command Injection
idno/known is vulnerable to Command Injection. The vulnerability is due to improper handling of file imports combined with template path traversal, which allows an attacker to write malicious files and execute arbitrary code on the server...