<http://webisa.webdatacommons.org/453681205> <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <http://www.w3.org/ns/prov#Entity> . <http://webisa.webdatacommons.org/453681205> <http://www.w3.org/ns/prov#wasQuotedFrom> <quatrashield.com> . <http://webisa.webdatacommons.org/prov/100205620> <http://www.w3.org/ns/prov#wasDerivedFrom> <http://webisa.webdatacommons.org/453681205> . <http://webisa.webdatacommons.org/prov/296671785> <http://www.w3.org/ns/prov#wasDerivedFrom> <http://webisa.webdatacommons.org/453681205> . <http://webisa.webdatacommons.org/453681205> <http://www.w3.org/ns/prov#value> "A range of web apps written in PHP, Python, C++ or Java could be vulnerable if they use calls to functions such as popen() or system(), as these are backed by calls to /bin/sh -c in turn, Zalewski notes." .