39 matches found
EUVD-2020-0324
Malware in sbrugna...
EUVD-2022-6534
Malicious code in bioql PyPI...
CVE-2020-5257
In Administrate rubygem before version 0.13.0, when sorting by attributes on a dashboard, the direction parameter was not validated before being interpolated into the SQL query. This could present a SQL injection if the attacker were able to modify the direction parameter and bypass ActiveRecord...
Malicious code in administrate_field-password (RubyGems)
Malicious code in administrate_field-paperclip (RubyGems)
Malicious code in administrate_field-mobility (RubyGems)
Malicious code in administrate-field-belongs-to_search (RubyGems)
MAL-2024-6514 Malicious code in administrate-field-belongs-to_search (RubyGems)
administrate vulnerable to Cross-Site Request Forgery
Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth authorization code...
GHSA-CC8C-26RJ-V2VX administrate vulnerable to Cross-Site Request Forgery
Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth authorization code...
CVE-2016-3098
Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth authorization code...
CVE-2016-3098
Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth authorization code...
Cross-site request forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth authorization code...
CVE-2016-3098
CVE-2016-3098 describes a Cross-site request forgery (CSRF) vulnerability in the Administrate Rails dashboard (versions 0.1.4 and earlier) that can allow remote attackers to hijack a user’s OAuth authorization code. The vulnerability is documented across multiple sources (including Red Hat, GHSA,...
CVE-2016-3098
Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth authorization code...
administrate cross-site request forgery vulnerability
administrate is an open-source tool from thoughtbot for creating flexible and powerful administrative dashboards in the Rails framework. A cross-site request forgery vulnerability exists in administrate version 0.1.4 and earlier. A remote attacker could use this vulnerability to hijack a user's OAuth authorization...
PT-2022-7857 · Unknown · Administrate
Name of the Vulnerable Software and Affected Versions: administrate versions 0.1.4 and earlier. Description: A cross-site request forgery (CSRF) issue allows remote attackers to hijack the user's OAuth authorization code. Recommendations: For versions 0.1.4 and earlier, update to a version that fixe...
Malicious Package
Overview: administrate_field-password is a malicious package. Affected versions of this package were found to be a malicious package, as it utilised typosquatting to run malicious third-party scripts. It replaced genuine packages using an "_" and replaced it with "-" and vice versa. Remediation: Avoid using...
Malicious Package
Overview: administrate-field-belongs-to_search is a malicious package. Affected versions of this package were found to be a malicious package, as it utilised typosquatting to run malicious third-party scripts. It replaced genuine packages using an "_" and replaced it with "-" and vice versa. Remediation: Avo...
Malicious Package
Overview: administrate_field-mobility is a malicious package. Affected versions of this package were found to be a malicious package, as it utilised typosquatting to run malicious third-party scripts. It replaced genuine packages using an "_" and replaced it with "-" and vice versa. Remediation: Avoid using...