by bawolff 1973 days ago
It sounds like a shell injection vulnerability [I have not actually checked though]. Attack scenario is somewhat realistic ("friend" sends you an image in a manner that preserves filenames, you run command on file).

Being blatantly vulnerable is not the same thing as being not production ready.