-
Bug
-
Resolution: Done
-
Medium
-
Frankfurt Release
-
None
changed the exec call to the spawn call to prevent arbitrary code execution, also added mysql connection.escape methods to database calls to prevent sql injection.
changed the exec call to the spawn call to prevent arbitrary code execution, also added mysql connection.escape methods to database calls to prevent sql injection.