Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rubyonrails rails 2.0.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3009
Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x prior to 2.2.3, and 2.3.x prior to 2.3.4, allows remote malicious users to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper.
Rubyonrails Rails 2.0.0
Rubyonrails Rails 2.0.1
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.0.2
Rubyonrails Rails 2.0.4
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.3.3
NA
CVE-2011-0446
Multiple cross-site scripting (XSS) vulnerabilities in the mail_to helper in Ruby on Rails prior to 2.3.11, and 3.x prior to 3.0.4, when javascript encoding is used, allow remote malicious users to inject arbitrary web script or HTML via a crafted (1) name or (2) email value.
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.0.0
Rubyonrails Rails 2.3.4
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.2
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.0.2
Rubyonrails Rails 2.3.3
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.3.9
Rubyonrails Rails 3.0.3
Rubyonrails Rails 3.0.4
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.0.4
Rubyonrails Rails 2.0.1
NA
CVE-2011-2197
The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x prior to 2.3.12, 3.0.x prior to 3.0.8, and 3.1.x prior to 3.1.0.rc2 does not properly handle mutation of safe buffers, which makes it easier for remote malicious users to conduct XSS attacks via crafted string...
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.0.4
Rubyonrails Rails 2.0.1
Rubyonrails Rails 2.3.9
Rubyonrails Rails 2.3.11
Rubyonrails Rails 2.0.0
Rubyonrails Rails 2.3.3
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.0.2
Rubyonrails Rails 2.3.4
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.5
Rubyonrails Rails 3.0.6
Rubyonrails Rails 3.0.7
Rubyonrails Rails 3.0.8
NA
CVE-2011-2930
Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails prior to 2.3.13, 3.0.x prior to 3.0.10, and 3.1.x prior to 3.1.0.rc5 allow remote malicious users to execute ...
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.0.2
Rubyonrails Rails 2.0.0
Rubyonrails Rails 2.3.4
Rubyonrails Rails 3.0.5
Rubyonrails Rails 3.0.7
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.9
Rubyonrails Rails 3.0.10
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.1.0
Rubyonrails Rails 2.3.11
Rubyonrails Rails 2.3.12
Rubyonrails Rails 2.3.3
Rubyonrails Rails 2.3.2
Rubyonrails Rails 3.0.4
Rubyonrails Rails 3.0.8
Rubyonrails Rails 3.0.1
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.1.0
NA
CVE-2011-2931
Cross-site scripting (XSS) vulnerability in the strip_tags helper in actionpack/lib/action_controller/vendor/html-scanner/html/node.rb in Ruby on Rails prior to 2.3.13, 3.0.x prior to 3.0.10, and 3.1.x prior to 3.1.0.rc5 allows remote malicious users to inject arbitrary web scrip...
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.0.1
Rubyonrails Rails 2.0.0
Rubyonrails Rails 2.3.2
Rubyonrails Rails 3.0.8
Rubyonrails Rails 3.0.4
Rubyonrails Rails 3.0.9
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.1.0
Rubyonrails Rails 2.3.12
Rubyonrails Rails 2.0.2
Rubyonrails Rails 2.0.4
Rubyonrails Rails 3.0.6
Rubyonrails Rails 3.0.7
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.10
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.2.0
NA
CVE-2011-2932
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x prior to 2.3.13, 3.0.x prior to 3.0.10, and 3.1.x prior to 3.1.0.rc5 allows remote malicious users to inject arbitrary web script or HTML via a malfo...
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.1.0
Rubyonrails Rails 3.0.8
Rubyonrails Rails 3.0.6
Rubyonrails Rails 3.0.9
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.3
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.0.4
Rubyonrails Rails 2.3.9
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.1.0
Rubyonrails Rails 2.3.11
Rubyonrails Rails 2.0.1
Rubyonrails Rails 2.0.0
Rubyonrails Rails 2.3.3
Rubyonrails Rails 3.0.7
NA
CVE-2008-5189
CRLF injection vulnerability in Ruby on Rails prior to 2.0.5 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL to the redirect_to function.
Rubyonrails Rails 2.0.1
Rubyonrails Rails 2.0.0
Rubyonrails Rails 1.2.4
Rubyonrails Rails 1.2.2
Rubyonrails Rails 1.1.2
Rubyonrails Rails 1.1.0
Rubyonrails Rails 0.9.3
Rubyonrails Rails 0.9.4.1
Rubyonrails Ruby On Rails 0.5.7
Rubyonrails Ruby On Rails 0.6.5
Rubyonrails Rails 0.13.1
Rubyonrails Rails 0.14.2
Rubyonrails Ruby On Rails
Rubyonrails Rails 1.2.0
Rubyonrails Rails 1.1.6
Rubyonrails Rails 1.1.5
Rubyonrails Rails 1.1.4
Rubyonrails Rails 0.14.4
Rubyonrails Ruby On Rails 0.5.0
Rubyonrails Ruby On Rails 0.5.5
Rubyonrails Ruby On Rails 0.5.6
Rubyonrails Rails 0.11.0
NA
CVE-2009-4214
Cross-site scripting (XSS) vulnerability in the strip_tags function in Ruby on Rails prior to 2.2.s, and 2.3.x prior to 2.3.5, allows remote malicious users to inject arbitrary web script or HTML via vectors involving non-printing ASCII characters, related to HTML::Tokenizer and ...
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.3.3
Rubyonrails Rails 2.3.4
Rubyonrails Rails 1.9.5
Rubyonrails Rails 1.2.5
Rubyonrails Rails 1.1.5
Rubyonrails Rails 1.1.3
Rubyonrails Ruby On Rails 0.8.0
Rubyonrails Ruby On Rails 0.9.0
Rubyonrails Ruby On Rails 0.5.0
Rubyonrails Ruby On Rails 0.5.6
Rubyonrails Rails 0.13.0
Rubyonrails Rails 0.14.1
Rubyonrails Rails 0.11.0
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.0.4
Rubyonrails Rails 2.0.0
Rubyonrails Rails 2.0.1
Rubyonrails Rails 1.1.2
Rubyonrails Rails 1.1.1
Rubyonrails Rails 1.1.0
Rubyonrails Rails 1.0.0
NA
CVE-2008-4094
Multiple SQL injection vulnerabilities in Ruby on Rails prior to 2.1.1 allow remote malicious users to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer.
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.0.2
Rubyonrails Rails 1.2.6
Rubyonrails Rails 1.2.5
Rubyonrails Rails 1.1.4
Rubyonrails Rails 1.1.3
Rubyonrails Ruby On Rails 0.9.0
Rubyonrails Rails 0.9.1
Rubyonrails Ruby On Rails 0.5.5
Rubyonrails Ruby On Rails 0.5.6
Rubyonrails Rails 0.12.1
Rubyonrails Rails 0.14.1
Rubyonrails Ruby On Rails
Rubyonrails Rails 2.0.0
Rubyonrails Rails 1.9.5
Rubyonrails Rails 1.2.0
Rubyonrails Rails 1.1.6
Rubyonrails Rails 1.1.5
Rubyonrails Ruby On Rails 0.8.0
Rubyonrails Ruby On Rails 0.8.5
Rubyonrails Rails 0.14.4
Rubyonrails Ruby On Rails 0.5.0
NA
CVE-2012-3464
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails prior to 3.0.17, 3.1.x prior to 3.1.8, and 3.2.x prior to 3.2.8 might allow remote malicious users to inject arbitrary web script or HTML via vectors inv...
Rubyonrails Rails 3.0.14
Rubyonrails Rails 3.0.8
Rubyonrails Rails 3.0.7
Rubyonrails Rails 3.0.5
Rubyonrails Rails 3.0.6
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.10
Rubyonrails Rails 3.0.12
Rubyonrails Rails 3.0.11
Rubyonrails Rails 3.0.0
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.0.0
Rubyonrails Rails 2.3.3
Rubyonrails Rails 1.2.4
Rubyonrails Rails 1.2.3
Rubyonrails Rails 1.1.3
Rubyonrails Rails 1.1.2
Rubyonrails Rails 0.9.2
Rubyonrails Rails 0.9.3
Rubyonrails Rails 3.0.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »