OS Command Injection endpoint '/upload/init' parameter 'filename' (RCE) in DumpDrop

DumpDrop is a stupid simple file upload application that provides an interface for dragging and dropping files. An OS Command Injection vulnerability was discovered in the DumbDrop application, `/upload/init` endpoint. This vulnerability could allow an attacker to execute arbitrary code remotely when the **Apprise Notification** enabled. This issue has been addressed in commit `4ff8469d` and all users are advised to patch. There are no known workarounds for this vulnerability.

N/A

OS命令中使用的特殊元素转义处理不恰当(OS命令注入)

Dumb Drop 安全漏洞

Dumb Drop是DumbWare开源的一个应用程序。 Dumb Drop存在安全漏洞，该漏洞源于OS命令注入，可能允许攻击者远程执行任意代码。

N/A

N/A