mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-21 17:40:09 +00:00
745 B
745 B
CVE-2019-5485
&color=brighgreen)
Description
NPM package gitlabhook version 0.0.17 is vulnerable to a Command Injection vulnerability. Arbitrary commands can be injected through the repository name.
POC
Reference
- http://packetstormsecurity.com/files/154598/NPMJS-gitlabhook-0.0.17-Remote-Command-Execution.html
- https://hackerone.com/reports/685447
Github
No PoCs found on GitHub currently.