CVE-2013-1898

lib/thumbshooter.rb in the Thumbshooter 0.1.5 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

Date published : 2013-04-09

http://seclists.org/fulldisclosure/2013/Mar/218

http://vapid.dhs.org/advisories/thumbshooter-ruby-gem-remoteexec.html