Lucene search
+L

Arbitrary Variants Via Query Parameters

🗓️ 01 Jul 2019 00:00:00Reported by RubySecType 
rubygems
 rubygems
🔗 rubysec.com👁 19 Views

Due to unvalidated input, an attacker can pass in arbitrary variants via query parameters. Potential vulnerabilities include SQL injection and cross-site scripting (XSS)

Related
Detection
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2019-13146
9 Jul 201918:15
attackerkb
CVE
CVE-2019-13146
9 Jul 201917:58
cve
Cvelist
CVE-2019-13146
9 Jul 201917:58
cvelist
EUVD
EUVD-2019-0607
7 Oct 202500:30
euvd
Github Security Blog
field_test gem contains injection vulnerability
16 Jul 201900:42
github
NVD
CVE-2019-13146
9 Jul 201918:15
nvd
OSV
GHSA-WG9M-GW3H-HG83 field_test gem contains injection vulnerability
16 Jul 201900:42
osv
Prion
Cross site scripting
9 Jul 201918:15
prion
RedhatCVE
CVE-2019-13146
22 May 202508:04
redhatcve
Veracode
Template Injection
3 Jul 201901:40
veracode
Rows per page
Vulners
Node
rubyfield_testRange0.3.1

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

01 Jul 2019 00:00Current
4.9Medium risk
Vulners AI Score4.9
CVSS 25
CVSS 35.3
EPSS0.01449
19