Git-Msk

**Name of the Vulnerable Software and Affected Versions** Web-Check versions (affected versions not specified) **Description** A command injection issue exists in the screenshot API of the Web Check project, stemming from user-controlled input (`url`) being passed unsanitized into a shell command using `exec()`, allowing attackers to execute arbitrary system commands on the underlying host. This could be exploited by sending crafted `url` parameters to extract files or even establish remote access. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.