3 matches found
Ruby on Rails vulnerable to code injection
Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOADPATH variable, a different vulnerability than CVE-2006-4112...
High severity vulnerability that affects rails
Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOADPATH variable, a different vulnerability than CVE-2006-4112...
Ruby on Rails fails to properly verify input passed via the URL
Overview Ruby on Rails fails to properly validate input. This may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Ruby on Rails is a web application programming framework. Ruby on Rails 1.1.4 and earlier contain a vulnerability in the processing of user input...