2 matches found
echor Gem for Ruby backplane.rb perform_request Function Arbitrary Command Execution
Echor Gem for Ruby contains a flaw in backplane.rb in the performrequest function that is triggered when a semi-colon ; is injected into a username or password. This may allow a context-dependent attacker to inject arbitrary commands if the gem is used in a rails application...
echor Gem for Ruby Process Listing Local Plaintext Credential Disclosure
echor Gem for Ruby contains a flaw that is due to the program exposing credential information in the system process listing. This may allow a local attacker to gain access to plaintext credential information...