Command injection

executing a code on back-end server, by way of exploiting vulnerable user input mechanism

vulnerability arises due to improper handling of user input

types of command injections vary according to the server programming languages

examples include:

• PHP
• NodeJS