13 matches found
Astra Linux - уязвимость в ruby-rack
Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, Rack::QueryParser parses query strings and application/x-www-form-urlencoded bodies into Ruby data structures without imposing any limit on the number of parameters, allowing attackers to send requests with...
metasploit-framework
This is the Metasploit Framework repository, a comprehensive collection of tools and resources for penetration testing and vulnerability assessment. The repository contains a wide range of modules, including exploits, payloads, and auxiliary tools, which can be used to test and exploit...
CVE-2024-32463
phlex is an open source framework for building object-oriented views in Ruby. There is a potential cross-site scripting XSS vulnerability that can be exploited via maliciously crafted user data. The filter to detect and prevent the use of the javascript: URL scheme in the href attribute of an tag...
Rails 安全漏洞
Rails is a set of open source web application frameworks based on the Ruby language by the American Rails team. A security vulnerability exists in Rails. An attacker exploited the vulnerability to cause a denial of service on the system...
Omise: Authenticity token doesnt expire after single use leading to CSRF
Summary Once you said that you ruby framework for making the authenticity-token which acts as a CSRF protection. You also send me this as to help me understand https://medium.com/rubyinside/a-deep-dive-into-csrf-protection-in-rails-19fa0a42c0ef . After finding i found that an authenticity-token c...
UPDATE: WordPress Exploit Framework v1.8!
PenTestIT RSS Feed Good news guys! We now have the WordPress Exploit Framework v1.8 amongst us! This new version fixes API compatibility with a shell upload module, updates multiple dependencies, introduces multiple API changes and adds multiple new modules and payloads! WordPress Exploit Framewo...
Arachni v1.5.1 - Web Application Security Scanner Framework
Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by monitoring and learning from the web application's behavior during the scan process and is...
metasploit-framework
This is the Metasploit Framework repository, a comprehensive collection of exploit modules and tools for penetration testing and vulnerability assessment. The framework is written in Ruby and is widely used by security professionals and researchers. The repository contains a large number of...
Arachni v1.0 - Web Application Security Scanner Framework
Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by monitoring and learning from the web application's behavior during the scan...
[BlackArch] Linux Distribution with 600 Security Tools
BlackArch Linux is a lightweight expansion to Arch Linux for penetration testers and security researchers. The repository contains 630 tools. You can install tools individually or in groups. BlackArch is compatible with existing Arch installs. Tool List: Name | Version | Description | Homepage...
[Arachni v0.4.2] web application security scanner (Boosted with new UI)
Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by learning from the HTTP responses it receives during the audit process and is...
Debian Security Advisory DSA 2620-1 (rails - several vulnerabilities)
Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework for web application development. CVE-2013-0276 The blacklist provided by the attrprotected method could be bypassed with crafted requests, having an application-specific impact. CVE-2013-0277 In some applications, the...
Arachni v.0.2.3 - Open Source Web Application Security Scanner Framework
Arachni v.0.2.3 - Open Source Web Application Security Scanner Framework Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.Arachni is smart, it trains itself by learning from...