1489 matches found
activerecord vulnerable to SQL Injection
The Active Record component in Ruby on Rails before 2.3.15, 3.0.x before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via...
Active Record contains SQL Injection
SQL injection vulnerability in the Active Record component in Ruby on Rails before 2.3.15, 3.0.x before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in...
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer...
Improper Input Validation
Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes, which allows remote attackers to modify arbitrary records by changing the names of parameters for form inputs...
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument...
activerecord vulnerable to SQL Injection
Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a...
Exposure of Sensitive Information to an Unauthorized Actor
A certain algorithm in Ruby on Rails 2.1.0 through 2.2.2, and 2.3.x before 2.3.4, leaks information about the complexity of message-digest signature verification in the cookie store, which might allow remote attackers to forge a digest via multiple attempts...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the mail_to helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) name or (2) email value...
Improper Input Validation
Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demonstrated using text/plain...
Cross site scripting that affects rails
Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before 2.2.3, and 2.3.x before 2.3.4, allows remote attackers to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper...
Cross-Site Request Forgery (CSRF)
Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged (1) AJAX or (2) API requests that...
SQL Injection in Active Record
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper bitstring quoting...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x before 2.3.12, 3.0.x before 3.0.8, and 3.1.x before 3.1.0.rc2 does not properly handle mutation of safe buffers, which makes it easier for remote attackers to conduct XSS attacks via crafted strings to an application that uses a...
Directory Traversal
360class.jansenhm is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
Directory Traversal
22lixian is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
Directory Traversal
11xiaoli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
Fake package, execution of benign malware
Copies of several well known Python packages were published under slightly modified names in the official Python package repository (PyPI); prominent examples include urllib vs. urrlib3, bzip vs. bzip2, etc. These packages contain the exact same code as their upstream package, thus their functionali...
Arbitrary File Download
This package is vulnerable to Arbitrary File Download. A client can use backslashes to escape the directory the files were exposed from. Note: Only if the host server is a Windows-based operating system...
OS Command Injection
Akeneo PIM is vulnerable to shell injection in the mass edition, resulting in remote code execution...
Uncontrolled Resource Consumption
The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is...
Code Injection
pygmentize contains a Remote Code Execution vulnerability...
XSS vulnerability in old test script
Cross-site scripting vulnerability in ADOdb allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cookie leakage to wrong origins and non-restricted cookie acceptance
Cookie leakage to wrong origins and non-restricted cookie acceptance...
Cookie leakage, non-restricted cookie acceptance
Cookies of foo.bar.example.com are leaked to foo.bar. Additionally, any site can set cookies for any other site...
Serialization vulnerability
A serialization vulnerability was found in the SocketServer and ServerSocketReceiver components...
Remote Code Execution
There's a Remote Code Execution vulnerability in the highlight function of Pygmentize...
SQL Injection
The qstr method in the PDO driver in the ADOdb Library for PHP might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting...
Possible XSS Vulnerability
There is a possible XSS vulnerability in Action View. Text declared as "HTML safe" will not have quotes escaped when used as attribute values in tag helpers...
Unsafe Query Generation Risk
There is a vulnerability when Active Record is used in conjunction with JSON parameter parsing. This vulnerability is similar to CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155...
HTTP Proxy header vulnerability
httpoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. See provided link...
Security Misconfiguration Vulnerability
There's an improper default directory umask that can potentially allow unauthorized modifications of PHP code...
Possible Information Leak Vulnerability
Applications that pass unverified user input to the render method in a controller may be vulnerable to an information leak vulnerability. Impacted code will look something like this: def index; render params[:id]; end Carefully crafted requests can cause the above code to render files from unexpect...
Cross-site request forgery
Administrate::ApplicationController actions don't have CSRF protection. Remote attackers can hijack users' sessions and use any functionality that administrate exposes on their behalf...
Possible Input Validation Circumvention
Code that uses Active Model based models including Active Record models and does not validate user input before passing it to the model can be subject to an attack where specially crafted input will cause the model to skip validations. Rails users using Strong Parameters are generally not impacte...
Nested attributes rejection proc bypass
When using the nested attributes feature in Active Record you can prevent the destruction of associated records by passing the allow_destroy: false option to the accepts_nested_attributes_for method. The allow_destroy flag prevents the :reject_if proc from being called because it assumes that the recor...
Improper Access Control
The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object...
Settings leak in date template filter
If an application allows users to specify an unvalidated format for dates and passes this format to the date filter, a malicious user could obtain any secret in the application's settings by specifying a settings key instead of a date format, e.g. SECRET_KEY instead of j/m/Y...
Possible Denial of Service
Specially crafted XML documents can cause applications to raise a SystemStackError and potentially cause a denial of service attack. This only impacts applications using REXML or JDOM as their XML processor. Other XML processors that Rails supports are not impacted...
XSS Vulnerability in ActiveSupport::JSON.encode
When a Hash containing user-controlled data is encoded as JSON, either through Hash#to_json or ActiveSupport::JSON.encode, Rails does not perform adequate escaping that matches the guarantee implied by the escape_html_entities_in_json option, which is enabled by default. If this resulting JSON string is...
Header injection via multi-lines input
Some built-in validators (django.core.validators.EmailValidator, most seriously) don't prohibit newline characters due to the usage of $ instead of \Z in the regular expressions. If you use values with newlines in HTTP response or email headers, you can suffer from header injection attacks...
DOS by filling session store
The session backends created a new empty record in the session storage anytime request.session was accessed and there was a session key provided in the request cookies that didn't already have a session record. This could allow an attacker to easily create many new session records simply by sendi...
DOS via URL validation
django.core.validators.URLValidator includes a regular expression that was extremely slow to evaluate against certain inputs...
Improper Restriction of XML External Entity Reference
XML external entity (XXE) vulnerability in the SVG to PNG and JPG conversion classes in Apache Batik allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...
Textile Link Parsing XSS
RedCloth Gem for Ruby contains a flaw that allows a cross-site scripting (XSS) attack. This flaw exists because the program does not validate input when parsing textile links before returning it to users. This may allow a remote attacker to create a specially crafted request that would execute...
Cryptographic Issues
Certificates.java in Not Yet Commons SSL does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...
Incomplete List of Disallowed Inputs
A flaw in the iptype function is triggered when handling octal encoding. This may allow a remote attacker to bypass the IP exclusion feature...
Object Injection
A flaw in Active Job that can allow string arguments to be deserialized as if they were Global IDs. This may allow a remote attacker to inject arbitrary objects...
Strong Parameter bypass with create_with
The create_with functionality in Active Record was implemented incorrectly and completely bypasses the strong parameter protection...
SQL Injection Vulnerabilities Affecting PostgreSQL
SQLi vulnerability in activerecord...