Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in TkEasyGUI versions prior to v1.0.22. If this vulnerability is exploited, an arbitrary OS command may be executed by a remote unauthenticated attacker if the settings are configured to construct messages from external sources.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
TkEasyGUI 操作系统命令注入漏洞
Vulnerability Description
TkEasyGUI是kujirahand个人开发者的一个在Python中的GUI库。 TkEasyGUI 1.0.22之前版本存在操作系统命令注入漏洞,该漏洞源于特殊元素中和不当,可能导致远程未认证攻击者执行任意OS命令。
CVSS Information
N/A
Vulnerability Type
N/A