11 matches found
EUVD-2021-0817
Malware in sbrugna...
GHSA-FC42-H7Q4-QP8H Command Injection in killport
This affects the package killport before 1.0.2. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization. Running this PoC will cause the command touch success to be...
Command Injection in killport
This affects the package killport before 1.0.2. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization. Running this PoC will cause the command touch success to be...
Remote Code Execution (RCE)
killport is vulnerable to remote code execution. The vulnerability exists due to the use of the childprocess.exec function without input sanitization...
CVE-2021-23360
This affects the package killport before 1.0.2. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization. Running this PoC will cause the command touch success to be...
Input validation
This affects the package killport before 1.0.2. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization. Running this PoC will cause the command touch success to be...
CVE-2021-23360 Arbitrary Command Injection
This affects the package killport before 1.0.2. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization. Running this PoC will cause the command touch success to be...
CVE-2021-23360
The CVE-2021-23360 entry affects the Node.js module killport prior to 1.0.2, which uses child_process.exec without input sanitization. This allows an attacker-controlled input to trigger arbitrary command execution (e.g., PoC that creates a file named “success”). Documentation from Snyk, GHSA, Ve...
CVE-2021-23360
This affects the package killport before 1.0.2. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization. Running this PoC will cause the command touch success to be...
Ssnau killport 命令注入漏洞
Ssnau killport is Ssnau an open source application. Provides a nodejs module to kill the functionality of any process on a given port. A security vulnerability exists in versions prior to killport 1.0.2. The vulnerability allows an attacker to execute arbitrary commands...
Arbitrary Command Injection
Overview killport is an a nodejs module to kill any processes base on its port Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the...