10 matches found
EUVD-2021-1469
Malware in sbrugna...
CVE-2021-35514
Narou aka Narou.rb before 3.8.0 allows Ruby Code Injection via the title name or author name of a novel...
Code injection in Narou
Narou aka Narou.rb before 3.8.0 allows Ruby Code Injection via the title name or author name of a novel...
GHSA-GWRJ-88FP-5M36 Code injection in Narou
Narou aka Narou.rb before 3.8.0 allows Ruby Code Injection via the title name or author name of a novel...
Narou Code Injection Vulnerability
Narou is a novel publishing site by an individual Japanese developer. Narou suffers from a code injection vulnerability in versions prior to 3.8.0 that allows an attacker to inject Ruby code via the title name or author name of a novel. An attacker could use this vulnerability to inject code to...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the novel's title name or author name. Remediation Upgrade narou to version 3.8.0 or higher. References - GitHub Additional Information - GitHub Commit - Ryotak Advisory...
CVE-2021-35514
Narou aka Narou.rb before 3.8.0 allows Ruby Code Injection via the title name or author name of a novel...
CVE-2021-35514
Narou aka Narou.rb before 3.8.0 allows Ruby Code Injection via the title name or author name of a novel...
CVE-2021-35514
Narou (aka Narou.rb) up to version 3.8.0 is vulnerable to Ruby code injection via the title or author name fields of a novel. The underlying issue is untrusted code execution through these inputs, enabling code execution on the affected system. Affected software: Narou.rb (Ruby-based Narou). Root...
Narou 代码注入漏洞
Narou is a novel publishing site by an individual Japanese developer. Narou suffers from a code injection vulnerability in versions prior to 3.8.0 that allows an attacker to inject Ruby code via the title name or author name of a novel. An attacker could use this vulnerability to inject code to...