GUI-scientific-calculator-using-python icon indicating copy to clipboard operation
GUI-scientific-calculator-using-python copied to clipboard

Published 20 hours ago verified publisher icon Warrioravi

Code execution vulnerability

Open ghost opened this issue 4 years ago • 2 comments

In your code, you are using the function eval(), which allows the user to execute any python code inputted, like __import__('os').system('whoami') .

ghost avatar May 09 '20 18:05 ghost

He should have used text box instead of input text box, In that case input would have been controlled by software instead

h4ck0lympus avatar May 03 '21 01:05 h4ck0lympus

Moreover it doesn't even matter unless you are running your GUI on some kinda server, which I don't think you will ever do so.

h4ck0lympus avatar May 03 '21 04:05 h4ck0lympus