The vulnerability of the Ohcount source code counting tool lies in the lack of measures to clean input data, allowing a hacker to execute arbitrary code.

The vulnerability of the Ohcount source code counting tool is related to the lack of measures to clean input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code as the user who runs Ohcount, by using specially created file names containing metasymbols...