Security
Headlines
HeadlinesLatestCVEs

Tag

#ruby

CVE-2018-5387: CERT/CC Vulnerability Note VU#475445

Wizkunde SAMLBase may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.

CVE
Open in Source
#vulnerability#js#c++#auth#ruby
CVE-2017-17742: Ruby 2.5.1 Released

Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTTP response for the HTTP server of WEBrick.

CVE-2018-3741: Make sure we address CVE-2018-8048 · rails/rails-html-sanitizer@f3ba1a8

There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications. This issue is similar to CVE-2018-8048 in Loofah. All users running an affected release should either upgrade or use one of the workarounds immediately.

CVE-2018-8968: vulnerability/manage.php.md at master · Ni9htMar3/vulnerability

An issue was discovered in zzcms 8.2. user/manage.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg or oldflv parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.

CVE-2018-8969: vulnerability/licence_save.php.md at master · Ni9htMar3/vulnerability

An issue was discovered in zzcms 8.2. user/licence_save.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.

CVE-2018-8967: vulnerability/adv2.php.md at master · Ni9htMar3/vulnerability

An issue was discovered in zzcms 8.2. It allows SQL injection via the id parameter in an adv2.php?action=modify request.

CVE-2018-8966: vulnerability/install.md at master · Ni9htMar3/vulnerability

An issue was discovered in zzcms 8.2. It allows PHP code injection via the siteurl parameter to install/index.php, as demonstrated by injecting a phpinfo() call into /inc/config.php.

CVE-2018-8965: vulnerability/ppsave.php.md at master · Ni9htMar3/vulnerability

An issue was discovered in zzcms 8.2. user/ppsave.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.

CVE-2017-12097: TALOS-2017-0449 || Cisco Talos Intelligence Group

An exploitable cross site scripting (XSS) vulnerability exists in the filter functionality of the delayed_job_web rails gem version 1.4. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary javascript on the victim's browser. An attacker can phish an authenticated user to trigger this vulnerability.

CVE-2017-12098: TALOS-2017-0450 || Cisco Talos Intelligence Group

An exploitable cross site scripting (XSS) vulnerability exists in the add filter functionality of the rails_admin rails gem version 1.2.0. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary javascript on the victim's browser. An attacker can phish an authenticated user to trigger this vulnerability.