CVE-2014-9682 in Dns-sync
Résumé
par MITRE
The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.