CWE-77

The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796.

UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands.

The Net::Ping::External extension through 0.15 for Perl does not properly sanitize arguments (e.g., invalid hostnames) containing shell metacharacters before use of backticks in External.pm, allowing for shell command injection and arbitrary command execution if untrusted input is used.

A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka “Microsoft Wireless Display Adapter Command Injection Vulnerability.” This affects Microsoft Wireless Display Adapter V2 Software.

A Command Injection vulnerability exists in the web-based GUI of the 1st Gen PelcoSarix Enhanced Camera that could allow a remote attacker to execute arbitrary commands.

A Command Injection vulnerability exists in the web-based GUI of the 1st Gen Pelco Sarix Enhanced Camera that could allow a remote attacker to execute arbitrary commands.