Open theredcameron opened 2 months ago
The use of 'exec' here is highly concerning. Seeing how the program uses it, this could open the door to a remote execution attack.
I would suggest reading the file directly and setting the variable values based on what is found in the file, rather than executing the file itself.
The use of 'exec' here is highly concerning. Seeing how the program uses it, this could open the door to a remote execution attack.
I would suggest reading the file directly and setting the variable values based on what is found in the file, rather than executing the file itself.