Command Injection

Overview node-idevice is an Install apps on your ios device. Node wrapper around ideviceinstaller. Affected versions of this package are vulnerable to Command Injection. It is possible to inject arbitrary commands by using a semicolon char while declaring the udid on IDevice. Remediation There is...

DEBIAN-CVE-2015-8560

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; semicolon character in a print job, a different vulnerability than CVE-2015-8327...

CVE-2015-8560

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; semicolon character in a print job, a different vulnerability than CVE-2015-8327...

John S.2 Roberts AnyForm 1.0/2.0 CGI Semicolon Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/719/info AnyForm is a popular form CGI designed to support simple forms that deliver responses via email. Certain versions of AnyForm did not perform user supplied data sanity checking and could be exploited by remote...

Design/Logic Flaw

recordertest.cgi on the D-Link DCS-2121 camera with firmware 1.04 allows remote attackers to execute arbitrary commands via shell metacharacters in the Password field, related to a "semicolon injection" vulnerability...