13 matches found
Moderate severity vulnerability that affects rails
Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...
GHSA-GM25-FPMR-43FJ Moderate severity vulnerability that affects rails
Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...
Ruby on Rails 'to_json' Call Remote Denial of Service Vulnerability
No description provided by source...
Ruby on Rails ActiveModel::Name Remote Denial of Service Vulnerability
Ruby on Rails is a web application framework, built on top of the Ruby language. A security vulnerability in Rails ActiveModel::Name allows an attacker to send specially crafted data to an application, causing to_json to call ActiveModel::Name, which can cause the application to cause a dead loo...
Ruby on Rails 'to_json' Call Remote Denial of Service Vulnerability
Ruby on Rails (Rails) is an open source web application framework based on the Ruby language, developed and maintained by the Rails core team. A denial of service vulnerability exists in Ruby on Rails. A remote attacker can exploit this vulnerability to cause a denial of service...
Fat Free CRM CSRF / SQL Injection / Known Secret
To whom it may concern: A rather informal advisory on Fat Free CRM http://fatfreecrm.com/: Timeline: Aug 27th 2013 Initial email containing the findings listed below including a note that there are more vulnerabilities which just need to be verified. Sent to [email protected] and...
GLSA-200711-17 : Ruby on Rails: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200711-17 (Ruby on Rails: Multiple vulnerabilities). candlerb found that ActiveResource, when processing responses using the Hash.from_xml function, does not properly sanitize filenames (CVE-2007-5380). The session management...
Ruby on Rails: Multiple vulnerabilities
Background: Ruby on Rails is a free web framework used to develop database-driven web applications. Description: candlerb found that ActiveResource, when processing responses using the Hash.from_xml function, does not properly sanitize filenames (CVE-2007-5380). The session management functionality...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...
DEBIAN-CVE-2007-3227
Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...
CVE-2007-3227
Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...
CVE-2007-3227
Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...
CVE-2007-3227
Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...