Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
command_injection
Vulnerability Description
This affects all versions of package ts-process-promises. The injection point is located in line 45 in main entry of package in lib/process-promises.js. The vulnerability is demonstrated with the following PoC:
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Radarsu Ts-process-promises 命令注入漏洞
Vulnerability Description
Radarsu Ts-process-promises是Radarsu个人开发者的一款基于Javascript的用于执行Shell命令并可缓存输出的应用软件。 ts-process-promises 存在命令注入漏洞,lib/process-promises.js的45行存在注入点。
CVSS Information
N/A
Vulnerability Type
N/A