Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rubyonrails rails 2.1.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-7248
Ruby on Rails 2.1 prior to 2.1.3 and 2.2.x prior to 2.2.2 does not verify tokens for requests with certain content types, which allows remote malicious users to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demon...
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.2.1
1 EDB exploit
NA
CVE-2009-3009
Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x prior to 2.2.3, and 2.3.x prior to 2.3.4, allows remote malicious users to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper.
Rubyonrails Rails 2.0.0
Rubyonrails Rails 2.0.1
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.0.2
Rubyonrails Rails 2.0.4
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.3.3
NA
CVE-2009-3086
A certain algorithm in Ruby on Rails 2.1.0 up to and including 2.2.2, and 2.3.x prior to 2.3.4, leaks information about the complexity of message-digest signature verification in the cookie store, which might allow remote malicious users to forge a digest via multiple attempts.
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.3.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2