Get Demo
pstotext before 1.9 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a file name.