logo
DATABASE RESOURCES PRICING ABOUT US

Remote Code Execution (RCE)

Description

ps-kill is vulnerable to remote code execution. The child_process exec function in index.js file does not sanitize the user-provided data to the kill function, allowing to execute malicious code via `var ps_kill = require('ps-kill'); ps_kill.kill('$(touch success)',function(){});`.


Affected Software


CPE Name Name Version
ps-kill 1.0.0

Related