What is Command Injection vulnerability?
The purpose of a command injection attack is to execute arbitrary commands on the host operating system using a susceptible application. When an application sends dangerous user-supplied data (forms, cookies, HTTP headers, etc.) to a system shell, command injection attacks are conceivable. The attacker-supplied operating system commands are normally performed with the susceptible application’s privileges …