Command Injection
Overview systeminformation is a simple system and OS information library. Affected versions of this package are vulnerable to Command Injection. The sanitizeShellString function does not sanitize quotation marks, which could be leveraged by an attacker to execute arbitrary commands. PoC const si ...