CVE-2024-36057

Koha Library before 23.05.10 fails to sanitize user-controllable filenames prior to unzipping, leading to remote code execution. The line "qx/unzip $filename -d $dirname/;" in upload-cover-image.pl is vulnerable to command injection via shell metacharacters because input data can be controlled by...

Mapbox: Test-scripts for postgis in mason-repository using unsafe unzip of content from unclaimed bucket creates potential RCE-issues

On March 25, 2018 @fransrosen reported a vulnerability to Mapbox. An AWS S3 bucket previously owned by Mapbox was reclaimed by this researcher, which is possible due to the global namespacing of S3 buckets. This bucket was still actively referenced in a test script. The bucket takeover therefore...