Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ruby Gem echor 命令注入漏洞
Vulnerability Description
Ruby Gem echor是软件开发者Pedro Del Gallego所研发的一套基于Ruby的Echo应用。 Ruby Gem echor 0.1.6版本中的/lib/echor/backplane.rb文件的‘perform_request’函数存在命令注入漏洞。本地攻击者可通过向用户名和密码添加分号利用该漏洞注入任意的代码。
CVSS Information
N/A
Vulnerability Type
N/A