13 matches found

OSV
added 2017/10/24 6:33 p.m. | 29 views

GHSA-GM25-FPMR-43FJ Moderate severity vulnerability that affects rails

Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...

CVSS 4.3 | AI score 5.4 | EPSS 0.03683
Exploits: 1 | References: 17
Github Security Blog
added 2017/10/24 6:33 p.m. | 33 views

Moderate severity vulnerability that affects rails

Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...

CVSS 4.3 | AI score 5.2 | EPSS 0.03683
Exploits: 1 | References: 16 | Affected Software: 1
seebug.org
added 2016/01/27 12:0 a.m. | 17 views

Ruby on Rails 'to_json' Call Remote Denial of Service Vulnerability

No description provided by source...

AI score 7.1
Exploits: 0
CNVD
added 2015/03/12 12:0 a.m. | 2 views

Ruby on Rails ActiveModel::Name Remote Denial of Service Vulnerability

Ruby on Rails is a web application framework built on top of the Ruby language. A security vulnerability in Rails ActiveModel::Name allows an attacker to send specially crafted data to an application, causing to_json to call ActiveModel::Name, which can cause the application to cause a dead loo...

AI score 6.8
Exploits: 0 | References: 1
CNVD
added 2015/03/10 12:0 a.m. | 2 views

Ruby on Rails 'to_json' Call Remote Denial of Service Vulnerability

Ruby on Rails is an open source web application framework based on the Ruby language, developed and maintained by the Rails core team. A denial of service vulnerability exists in Ruby on Rails. A remote attacker can exploit this vulnerability to cause a denial of service...

AI score 6.8
Exploits: 0 | References: 1
Packet Storm
added 2013/12/24 12:0 a.m. | 43 views

Fat Free CRM CSRF / SQL Injection / Known Secret

To whom it may concern: A rather informal advisory on Fat Free CRM http://fatfreecrm.com/: Timeline: Aug 27th 2013 Initial email containing the findings listed below including a note that there are more vulnerabilities which just need to be verified. Sent to [email protected] and...

AI score 0.3
Exploits: 0
Tenable Nessus
added 2007/11/15 12:0 a.m. | 32 views

GLSA-200711-17 : Ruby on Rails: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200711-17 (Ruby on Rails: Multiple vulnerabilities). candlerb found that ActiveResource, when processing responses using the Hash.from_xml function, does not properly sanitize filenames (CVE-2007-5380). The session management...

CVSS 6.8 | AI score 6 | EPSS 0.03969
Exploits: 1 | References: 4
Gentoo Linux
added 2007/11/14 12:0 a.m. | 62 views

Ruby on Rails: Multiple vulnerabilities

Background: Ruby on Rails is a free web framework used to develop database-driven web applications. Description: candlerb found that ActiveResource, when processing responses using the Hash.from_xml function, does not properly sanitize filenames (CVE-2007-5380). The session management functionality...

CVSS 6.8 | AI score 7.2 | EPSS 0.03969
Exploits: 1
UbuntuCve
added 2007/06/14 11:30 p.m. | 34 views

CVE-2007-3227

Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...

CVSS 4.3 | AI score 6.1 | EPSS 0.03683
Exploits: 1 | References: 1
Prion
added 2007/06/14 11:30 p.m. | 24 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...

CVSS 4.3 | AI score 5.9 | EPSS 0.03683
Exploits: 1 | References: 13 | Affected Software: 1
OSV
added 2007/06/14 11:30 p.m. | 4 views

DEBIAN-CVE-2007-3227

Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...

CVSS 4.3 | AI score 6.3 | EPSS 0.03683
Exploits: 1 | References: 1
Debian CVE
added 2007/06/14 11:0 p.m. | 33 views

CVE-2007-3227

Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...

CVSS 4.3 | AI score 5.7 | EPSS 0.03683
Exploits: 1
Cvelist
added 2007/06/14 11:0 p.m. | 28 views

CVE-2007-3227

Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...

AI score 5.5 | EPSS 0.03683
Exploits: 1 | References: 13