The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in Verlihub 0.9.8d-RC2 and earlier, when user triggers are enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in an argument.
https://www.exploit-db.com/exploits/7183
https://exchange.xforce.ibmcloud.com/vulnerabilities/46801
http://www.securityfocus.com/bid/32420
http://securityreason.com/securityalert/4800