Title:Thumbshooter 0.1.5 remote code execution
Specially crafted URLs can result in remote code execution if the URL contains shell metacharacters.

We see that the url is passed directly to the shell in the following code snippet from ./thumbshooter-0.1.5/lib/thumbshooter.rb:

 1012       command << "xvfb-run -a --server-args='-screen 0, #{screen}x24' "
 1015     command << "{WEBKIT2PNG} '{url}' {args}"
 1016 
 1017     img    = `{command} 2>&1`