Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2012-2661 PoC — Ruby on Rails SQL注入漏洞

Source
https://github.com/r4x0r1337/-CVE-2012-2661-ActiveRecord-SQL-injection-
Associated Vulnerability
Title:Ruby on Rails SQL注入漏洞 (CVE-2012-2661)
Description:Ruby on Rails(Rails)是Rails核心团队开发维护的一套基于Ruby语言的开源Web应用框架,它是由大卫-海纳梅尔-韩森从美国37signals公司的项目管理工具Basecamp里分离出来的。 Ruby on Rails中的Active Record组件中存在SQL注入漏洞。攻击者可利用该漏洞操控应用程序,访问或修改数据,或者在底层数据库中利用该漏洞。以下版本中存在该漏洞:Ruby on Rails 3.2.4版本,3.1.5版本与3.0.13版本。
Readme
# -CVE-2012-2661-ActiveRecord-SQL-injection-
Write up(bahasa melayu)
File Snapshot

 [4.0K]  /data/pocs/1dda5a8865a668e063361a344745abad89b0371e
├── [  70]  README.md
└── [ 10K]  Write up.txt

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.