Command Injection — Executing Arbitrary System Commands via Application Input
Command Injection is a vulnerability that allows attackers to execute arbitrary operating system commands by manipulating application input. This SECMONS glossary entry explains how command injection works, its impact, how it differs from SQL injection, and how defenders can prevent it.