Title: Vulnerability Report for Ruby Gem lynx-0.2.0
Author: Larry W. Cashdollar, @_larry0

Date: 06/01/2014
Download: http://rubygems.org/gems/lynx
Gem Author: pan.thomakos@gmail.com

From: ./lynx-0.2.0/lib/lynx/pipe/get.rb

Doesn't properly sanitize user input before sending to command line:

    module Pipe
      # (line 5 of the file is not present in this excerpt)
        def perform(command)
          `#{command}`.strip
        end
      end
    end

From: lynx/blob/master/lib/lynx/pipe/run.rb

    module Lynx
      module Pipe
        class Run < Basic
          def perform(command)
            system(command.to_s)
          end
        end
      end
    end

Exposes password to the process table

From: lynx/blob/master/lib/lynx/command/basic.rb

    @command << "--password=#{config.password}" if config.password
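
The two issues above side by side with a hardened form, as an added example (not code from the gem or from the report's author). The method names, the stand-in child process and the sample values are assumptions made for illustration, and passing the secret on stdin assumes the wrapped client can read it there.

```ruby
require "open3"
require "rbconfig"

# Stand-in for the external client (assumption, not the gem's target binary):
# a Ruby one-liner that reports the argv it received and how many bytes of
# secret it read from stdin. The "--" stops Ruby parsing later args as its own.
CHILD = [RbConfig.ruby, "-e", "puts ARGV.inspect; puts STDIN.read.bytesize", "--"].freeze

# Pattern from the report: the whole command is one string handed to the shell,
# so shell metacharacters inside a value are interpreted, not passed through.
def perform_shell(database)
  `echo --database=#{database}`.strip
end

# Hardened form: every argument is its own argv element (no shell is started),
# and the password travels over stdin instead of a --password= argument that
# any local user could read from the process table.
def perform_argv(database, password)
  argv = CHILD + ["--database=#{database}"]
  out, status = Open3.capture2(*argv, stdin_data: password)
  raise "child exited with #{status.exitstatus}" unless status.success?

  seen_argv, secret_bytes = out.lines.map(&:chomp)
  { argv: seen_argv, secret_bytes: Integer(secret_bytes), command_line: argv }
end

if __FILE__ == $PROGRAM_NAME
  value = "app; echo SECOND-COMMAND-RAN"   # constructed sample input
  puts perform_shell(value)                # the shell runs two commands
  p perform_argv(value, "s3cret-example")  # value arrives as one literal argument
end
```
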