Query module CommandInjection

name
Uncontrolled command line
description
Using externally controlled strings in a command line may allow a malicious user to change the meaning of the command.
kind
path-problem
problem.severity
error
precision
high
id
cs/command-line-injection
tags
correctness security external/cwe/cwe-078 external/cwe/cwe-088

Imports

CommandInjection
PathGraph

Provides the query predicates needed to include a graph in a path-problem query.

csharp

The default C# QL library.