Exploit for Code Injection in Gitlab

CVE-2021-22205 This vulnerability arises from Gitlab’s impro...

LocalTapiola: RCE using bash command injection on /system/images (toimitilat.lahitapiola.fi)

Summary: the "/system/images" URL accepts a Base-64 encoded string, which is in turn used to convert images from the local disk before displaying them to the user. The website fails to validate the user input, allowing arbitrary bash command injection. Description: When surfing the...