EUVD-2021-0626

Malware in sbrugna...

GHSA-7QMM-Q394-FMCH Command Injection in ps-kill

This affects all versions of package ps-kill. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization in the index.js file. PoC provided by...

Command Injection in ps-kill

This affects all versions of package ps-kill. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization in the index.js file. PoC provided by...

Npm ps-kill command injection vulnerability

Npm ps-kill is an application from Npm, Inc. Npm ps-kill is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands...

Remote Code Execution (RCE)

ps-kill is vulnerable to remote code execution. The childprocess exec function in index.js file does not sanitize the user-provided data to the kill function, allowing to execute malicious code via var pskill = require'ps-kill'; pskill.kill'$touch success',function;...

CVE-2021-23355

This affects all versions of package ps-kill. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization in the index.js file. PoC provided by...

Design/Logic Flaw

This affects all versions of package ps-kill. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization in the index.js file. PoC provided by...

CVE-2021-23355

CVE-2021-23355 affects all versions of the npm package ps-kill . The vulnerability arises from unsafely passing attacker-controlled input to Node.js’s child_process.exec in the index.js kill function, enabling arbitrary command execution. Proof-of-concept demonstrates invoking a shell command via...

CVE-2021-23355 Arbitrary Command Injection

This affects all versions of package ps-kill. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization in the index.js file. PoC provided by...

CVE-2021-23355

This affects all versions of package ps-kill. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization in the index.js file. PoC provided by...

Npm ps-kill 命令注入漏洞

Npm ps-kill is an application from Npm, Inc. Npm ps-kill is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands...

Arbitrary Command Injection

Overview ps-kill is a Kill processes with ease Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exe...