CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

OSV•added 2022/05/05 12:29 a.m.•11 views

GHSA-42GQ-H7XJ-33R4 Features file injection vulnerability

File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory...

5.4CVSS5.5AI score0.00244EPSS

Exploits1References5

Github Security Blog•added 2022/05/05 12:29 a.m.•17 views

Features file injection vulnerability

File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory...

5.4CVSS3.9AI score0.00244EPSS

Exploits1References5Affected Software1

NVD•added 2019/12/26 9:15 p.m.•5 views

CVE-2013-4318

File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory...

5.4CVSS5.6AI score0.00244EPSS

Exploits1References2

Prion•added 2019/12/26 9:15 p.m.•11 views

Design/Logic Flaw

File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory...

3.5CVSS7.4AI score0.00244EPSS

Exploits1References2Affected Software1

Cvelist•added 2019/12/26 8:49 p.m.•11 views

CVE-2013-4318

File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory...

5.6AI score0.00244EPSS

Exploits1References2

CVE•added 2019/12/26 8:49 p.m.•93 views

CVE-2013-4318

CVE-2013-4318 affects the Ruby Gems Features package (Ruby Features 0.3.0). The issue is a file handling flaw where input submitted to /tmp/out.html is not properly validated, enabling a local cross-site scripting (XSS) attack. Some sources describe the risk as a local XSS, while others reference...

5.4CVSS5.5AI score0.00244EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by