Question

Give the name of the vulnerability resides in the below code:

... 
Runtime rt = Runtime.getRuntime(); 
Process proc = rt.exec("cmd.exe /c type "+request.getParameter("path")); //path is an Input Parameter and contains the file name. 
InputStream stdin = proc.getInputStream(); 
InputStreamReader isr = new InputStreamReader(stdin); 
BufferedReader br = new BufferedReader(isr);              
...

technology security

Race Condition
Command Injection
Denial of Service
Cross Site Request Forgery

Answer 1

Correct Option: B

Find more quizzes: