Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Google-it is a Node.js package which allows its users to send search queries to Google and receive the results in a JSON format. When using the 'Open in browser' option in versions up to 1.6.2, google-it will unsafely concat the result's link retrieved from google to a shell command, potentially exposing the server to RCE.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google-it 操作系统命令注入漏洞
Vulnerability Description
Google-it是一个简单的库,用于将 Google 搜索结果转换为 JSON 输出,不久将提供交互式显示选项。 Google-it 1.6.2及之前版本存在安全漏洞,该漏洞源于它允许其用户向 Google 发送搜索查询并以 JSON 格式接收结果,攻击者利用该漏洞可以在运行google-it 的机器上远程执行代码。
CVSS Information
N/A
Vulnerability Type
N/A