An issue exists in Open-AudIT 3.2.2. There is OS Command injection in Discovery.
opmantek open-audit 3.2.2