Expand file treeCollapse file tree1 file changed
+39
-8
lines changed pyt/vulnerability_definitions
lines changed Original file line number | Diff line number | Diff line change |
---|
|
30 | 30 | "'..' in"
|
31 | 31 | ]
|
32 | 32 | },
|
| 33 | +"commands.getoutput(": {}, |
| 34 | +"commands.getstatusoutput(": {}, |
33 | 35 | "execute(": {},
|
34 |
| -"os.system(": {}, |
35 | 36 | "filter(": {},
|
36 |
| -"subprocess.call(": {}, |
37 |
| -"subprocess.Popen(": {}, |
38 |
| -"render_template(": {}, |
39 |
| -"set_cookie(": {}, |
40 |
| -"redirect(": {}, |
41 |
| -"url_for(": {}, |
42 | 37 | "flash(": {},
|
43 | 38 | "jsonify(": {},
|
| 39 | +"os.execl(": {}, |
| 40 | +"os.execle(": {}, |
| 41 | +"os.execlp(": {}, |
| 42 | +"os.execlpe(": {}, |
| 43 | +"os.execv(": {}, |
| 44 | +"os.execve(": {}, |
| 45 | +"os.execvp(": {}, |
| 46 | +"os.execvpe(": {}, |
| 47 | +"os.popen(": {}, |
| 48 | +"os.popen2(": {}, |
| 49 | +"os.popen3(": {}, |
| 50 | +"os.popen4(": {}, |
| 51 | +"os.spawnl(": {}, |
| 52 | +"os.spawnle(": {}, |
| 53 | +"os.spawnlp(": {}, |
| 54 | +"os.spawnlpe(": {}, |
| 55 | +"os.spawnv(": {}, |
| 56 | +"os.spawnve(": {}, |
| 57 | +"os.spawnvp(": {}, |
| 58 | +"os.spawnvpe(": {}, |
| 59 | +"os.startfile(": {}, |
| 60 | +"os.system(": {}, |
| 61 | +"popen2.Popen3(": {}, |
| 62 | +"popen2.Popen4(": {}, |
| 63 | +"popen2.popen2(": {}, |
| 64 | +"popen2.popen3(": {}, |
| 65 | +"popen2.popen4(": {}, |
| 66 | +"redirect(": {}, |
44 | 67 | "render(": {},
|
45 |
| -"render_to_response(": {} |
| 68 | +"render_template(": {}, |
| 69 | +"render_to_response(": {}, |
| 70 | +"set_cookie(": {}, |
| 71 | +"subprocess.Popen(": {}, |
| 72 | +"subprocess.call(": {}, |
| 73 | +"subprocess.check_call(": {}, |
| 74 | +"subprocess.check_output(": {}, |
| 75 | +"subprocess.run(": {}, |
| 76 | +"url_for(": {} |
46 | 77 | }
|
47 | 78 | }
|
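Review bot: The added command-execution sinks cover the Python 2 helpers `commands.getoutput(` and `commands.getstatusoutput(` but not their Python 3 homes, `subprocess.getoutput(` and `subprocess.getstatusoutput(`, both of which pass their string argument to a shell. Since the same block already lists `subprocess.run(`, I would add `"subprocess.getoutput(": {},` and `"subprocess.getstatusoutput(": {},` after `"subprocess.check_output(": {},`, which keeps the alphabetical order. If these keys are matched as literal call text, which the trailing `(` suggests but the page does not show, a call reached through `from os import system` or an aliased import would match no entry here, and that limit deserves a line in the project documentation. The enclosing object opens above the first visible line, so entries outside new-file lines 30-78 were not checked.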