4 matches found
High severity vulnerability that affects rails
Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOADPATH variable, a different vulnerability than CVE-2006-4112...
GLSA-200608-20 : Ruby on Rails: Several vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200608-20 Ruby on Rails: Several vulnerabilities The Ruby on Rails developers have corrected some weaknesses in actioncontroller/, relative to the handling of the user input and the LOADPATH variable. A remote attacker could injec...
CVE-2006-4111
Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOADPATH variable, a different vulnerability than CVE-2006-4112...
Ruby on Rails: Several vulnerabilities
Background Ruby on Rails is an open-source web framework. Description The Ruby on Rails developers have corrected some weaknesses in actioncontroller/, relative to the handling of the user input and the LOADPATH variable. A remote attacker could inject arbitrary entries into the LOADPATH variable...