Lucene search
K

5 matches found

Prion
Prion
added 2017/12/29 4:29 p.m.18 views

Sql injection

DISPUTED SQL injection vulnerability in the 'order' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id desc' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with...

6.8CVSS8.6AI score0.01518EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2017/12/29 4:29 p.m.20 views

CVE-2017-17919

SQL injection vulnerability in the 'order' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id desc' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted...

8.1CVSS8.6AI score0.01518EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2017/12/29 4:0 p.m.35 views

CVE-2017-17916

SQL injection vulnerability in the 'findby' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted...

8.1CVSS8.6AI score0.01532EPSS
Exploits1
Cvelist
Cvelist
added 2017/12/29 4:0 p.m.28 views

CVE-2017-17917

SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted inpu...

8.6AI score0.02283EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/12/29 4:0 p.m.20 views

CVE-2017-17919

SQL injection vulnerability in the 'order' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id desc' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted...

8.6AI score0.01518EPSS
Exploits1References1
Rows per page
Query Builder