UDID+ version 2.5 suffers from a command injection vulnerability.