Lucene search
K

5 matches found

UbuntuCve
UbuntuCve
added 2017/12/29 4:29 p.m.36 views

CVE-2017-17916

SQL injection vulnerability in the 'findby' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted...

8.1CVSS7.5AI score0.01532EPSS
Exploits1References2
NVD
NVD
added 2017/12/29 4:29 p.m.20 views

CVE-2017-17916

SQL injection vulnerability in the 'findby' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted...

8.1CVSS8.6AI score0.01532EPSS
Exploits1References1
OSV
OSV
added 2017/12/29 4:29 p.m.10 views

CVE-2017-17916

SQL injection vulnerability in the 'findby' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted...

8.1CVSS8.5AI score0.01532EPSS
Exploits1References1
CVE
CVE
added 2017/12/29 4:0 p.m.67 views

CVE-2017-17916

Ruby on Rails 5.1.4 and earlier is affected by an SQL injection in the find_by method via the name parameter. The issue is reported as exploitable remotely to execute arbitrary SQL commands. The root cause is tied to using untrusted input in that method, with vendor dispute noted in multiple sour...

8.1CVSS8.6AI score0.01532EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2017/12/29 4:0 p.m.25 views

CVE-2017-17916

SQL injection vulnerability in the 'findby' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted...

8.1CVSS8.6AI score0.01532EPSS
Exploits1
Rows per page
Query Builder