2 matches found
CVE-2019-1010191
marginalia 1.6 is affected by: SQL Injection. The impact is: The impact is a injection of any SQL queries when a user controller argument is added as a component. The component is: Affects users that add a component that is user controller, for instance a parameter or a header. The attack vector...
CVE-2019-1010191
CVE-2019-1010191 affects the Ruby gem marginalia (and related advisories) before version 1.6. The vulnerability is SQL Injection: if a user controller argument is used as a component (e.g., a parameter or header), an attacker can inject arbitrary SQL queries via a vulnerable vector (header, HTTP ...