CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.
Official CWE-88 definition at MITREImpactr finds and proves weaknesses like CWE-88 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist