Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rubyonrails rails 2.2.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-7248
Ruby on Rails 2.1 prior to 2.1.3 and 2.2.x prior to 2.2.2 does not verify tokens for requests with certain content types, which allows remote malicious users to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demon...
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.2.1
1 EDB exploit
NA
CVE-2009-3009
Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x prior to 2.2.3, and 2.3.x prior to 2.3.4, allows remote malicious users to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper.
Rubyonrails Rails 2.0.0
Rubyonrails Rails 2.0.1
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.0.2
Rubyonrails Rails 2.0.4
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.3.3
NA
CVE-2009-3086
A certain algorithm in Ruby on Rails 2.1.0 up to and including 2.2.2, and 2.3.x prior to 2.3.4, leaks information about the complexity of message-digest signature verification in the cookie store, which might allow remote malicious users to forge a digest via multiple attempts.
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.3.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2