Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
description
The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.
1
cwe_id
73
name
External Control of File Name or Path
description
The product allows user input to control or influence paths or file names that are used in filesystem operations.