CVE-2026-44511
Katalyst Koi is a framework for building Rails admin functionality. Prior to 4.20.0 and 5.6.0, admin session cookies were not invalidated when an admin user logged out. An attacker with access to a valid admin session cookie could continue to access admin functionality after logout, until the...
rails_admin ruby cross-site request forgery vulnerability
rails_admin ruby is a Rails engine that supports the use of interfaces to manage data. A cross-site request forgery vulnerability exists in versions of rails_admin ruby prior to 1.1.1, which stems from non-GET methods failing to validate a cross-site request forgery token. An attacker could...
UBUNTU-CVE-2017-12098
An exploitable cross-site scripting (XSS) vulnerability exists in the add filter functionality of the rails_admin rails gem version 1.2.0. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary JavaScript on the victim's browser. An attacker can phish ...
PT-2018-5349 · Ruby On Rails · Rails Admin
Name of the Vulnerable Software and Affected Versions: rails admin rails gem version 1.2.0. Description: A cross-site scripting (XSS) issue exists in the add filter functionality. This can be triggered by a specially crafted URL, allowing an attacker to execute arbitrary JavaScript on the victim's...
Ruby on Rails gem version 1.2.0 rails_admin XSS Vulnerability
Exploit for ruby platform in category web applications. Summary: An exploitable XSS vulnerability exists in the add filter functionality of the rails_admin rails gem version 1.2.0. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary JavaScript on th...
RubyGems 'rails_admin' Cross-Site Scripting Vulnerability
RubyGems rails_admin is a Rails engine that provides a control interface for managing data. A cross-site scripting vulnerability exists in RubyGems 'rails_admin' version 1.2.0, where the program fails to adequately filter user-submitted input. A remote attacker can exploit this vulnerability to...