Vulnerabilities > Kdirstat Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-08-26 | CVE-2014-2528 | kcleanup.cpp in KDirStat 2.7.3 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a ' (single quote) character in the directory name, a different vulnerability than CVE-2014-2527. | 6.8 |
2014-08-26 | CVE-2014-2527 | Remote Command Injection vulnerability in K4DirStat kcleanup.cpp in KDirStat 2.7.0 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a " (double quote) character in the directory name, a different vulnerability than CVE-2014-2528. | 6.8 |