Arbitrary Command Execution via URL in Canto Curses
CVE-2013-7416 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
canto_curses/guibase.py in Canto Curses before 0.9.0 allows remote feed servers to execute arbitrary commands via shell metacharacters in a URL in a feed.
Learn more about our Cis Benchmark Audit For Server Software.