Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60546
HistoryDec 28, 2012 - 12:00 a.m.

Ruby on Rails Authlogic gem SQL注入漏洞

2012-12-2800:00:00
Root
www.seebug.org
20
JSON

CVE ID: CVE-2012-5664

Ruby on Rails是一款Web应用程序框架,构建在Ruby语言之上

AuthLogic gem实现存在一个SQL注入漏洞,如果Ruby on Rails应用使用AuthLogic gem进行验证,并且攻击者在能访问Rails应用的私钥的情况下,可绕过安全限制进行未授权访问
0
Ruby on Rails
厂商补丁:

Ruby on Rails

目前没有详细解决方案提供:
http://rubygems.org/gems/authlogic

Related

debian 1
freebsd 1
ubuntucve 1
cve 1
suse 5
openvas 4
nessus 1
securityvulns 1
debian
debian
[SECURITY] [DSA 2597-1] rails security update
2013-01-04 22:11:28
freebsd
freebsd
rubygem-rails -- SQL injection vulnerability
2013-01-02 00:00:00
ubuntucve
ubuntucve
CVE-2012-6496
2013-01-04 00:00:00
cve
cve
CVE-2012-5664
2012-12-26 20:55:00
suse
suse
ruby on rails to 2.3.16 (important)
2013-02-12 10:10:39
ruby on rails to 2.3.16 (important)
2013-02-12 11:04:29
Security update for Ruby On Rails (important)
2013-03-19 18:04:46
openvas
openvas
SuSE Update for ruby openSUSE-SU-2013:0278-1 (ruby)
2013-03-11 00:00:00
SuSE Update for ruby openSUSE-SU-2013:0280-1 (ruby)
2013-03-11 00:00:00
openSUSE: Security Advisory for ruby (openSUSE-SU-2013:0278-1)
2013-03-11 00:00:00
nessus
nessus
openSUSE Security Update : ruby (openSUSE-SU-2013:0278-1)
2014-06-13 00:00:00
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2013-01-10 00:00:00
JSON
Related for SSV:60546
debian1freebsd1ubuntucve1cve1suse5openvas4nessus1securityvulns1