2 matches found
Radarsu Ts-process-promises Command Injection Vulnerability
Radarsu Ts-process-promises is a Javascript-based application for executing shell commands with cached output by the individual developers at Radarsu. Ts-process-promises is vulnerable to a command injection vulnerability with an injection point at line 45 of lib/process-promises.js...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection. The injection point is located in line 45 in main entry of package in lib/process-promises.js. PoC var a =require"ts-process-promises"; a.exec"touch JHU",; Remediation There is no fixed version for ts-process-promises...