The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request to the application server.
The exploitation risk is limited since CRUDDIY is meant to be launched locally. Nevertheless, a...Show more
The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request to the application server.
The exploitation risk is limited since CRUDDIY is meant to be launched locally. Nevertheless, a user with the project running on their computer might visit a website which would send such a malicious request to the locally launched server.Show less