
When adding the registry, the parameters were not escaped, leading to a bug and security vulnerability #481

Open
xinghejd opened this issue Sep 25, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@xinghejd

To Reproduce

  1. Add an external registry.
  2. Input the correct password with special symbols (e.g. '123$456').
  3. Click the Test Registry or Create button.

Current vs. Expected behavior

Current:
It failed because of an incorrect password.
Expected:
It works.

Provide environment information

Dokploy Version: v0.9.0

Which area(s) are affected? (Select all that apply)

Docker

Additional context

The issue here lies in the fact that the password and other inputs are directly passed as parameters to the execute command without any escaping.

```typescript
// Password, registry URL and username are interpolated straight into a shell command line.
const loginCommand = `echo ${input.password} | docker login ${input.registryUrl} --username ${input.username} --password-stdin`;
await execAsync(loginCommand);
```

Therefore, when the password contains special characters, the registry cannot be added properly. By the way, wrapping the password in single quotes manually allows it to be added successfully.
So, there is also a command injection security vulnerability: the parameters are not securely escaped, which means arbitrary commands could be executed in a privileged Docker container, potentially allowing an escape to the host machine.
Although this requires access to the admin panel.

@xinghejd xinghejd added the bug Something isn't working label Sep 25, 2024
@Siumauricio
Contributor

Well, I wouldn't really consider it a vulnerability, since they need access to the dashboard to be able to manipulate it, and if they access the dashboard they could do almost anything. I will investigate some solution to escape characters, or what would be the best solution for this.
