Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-5418 PoC — Action View 信息泄露漏洞

Source
https://github.com/ztgrace/CVE-2019-5418-Rails3
Associated Vulnerability
Title:Action View 信息泄露漏洞 (CVE-2019-5418)
Description:Action View中存在信息泄露漏洞。攻击者可利用该漏洞泄露文件内容。
Description
Rails 3 PoC of CVE-2019-5418
Readme
# Rails 3 PoC of CVE-2019-5418

A PoC app to verify CVE-2019-5418 on Rails 3. Based on https://github.com/mpgn/CVE-2019-5418.
File Snapshot

 [4.0K]  /data/pocs/469c1ec7fc1049486689803b340491184e86ab35
├── [4.0K]  demo
│   ├── [4.0K]  app
│   │   ├── [4.0K]  assets
│   │   │   ├── [4.0K]  images
│   │   │   │   └── [6.5K]  rails.png
│   │   │   ├── [4.0K]  javascripts
│   │   │   │   ├── [ 641]  application.js
│   │   │   │   └── [ 229]  home.js.coffee
│   │   │   └── [4.0K]  stylesheets
│   │   │       ├── [ 546]  application.css
│   │   │       └── [ 175]  home.css.scss
│   │   ├── [4.0K]  controllers
│   │   │   ├── [  80]  application_controller.rb
│   │   │   └── [ 110]  home_controller.rb
│   │   ├── [4.0K]  helpers
│   │   │   ├── [  29]  application_helper.rb
│   │   │   └── [  22]  home_helper.rb
│   │   ├── [4.0K]  mailers
│   │   ├── [4.0K]  models
│   │   └── [4.0K]  views
│   │       ├── [4.0K]  home
│   │       │   └── [  14]  index.html.erb
│   │       └── [4.0K]  layouts
│   │           └── [ 231]  application.html.erb
│   ├── [4.0K]  config
│   │   ├── [2.7K]  application.rb
│   │   ├── [ 191]  boot.rb
│   │   ├── [ 576]  database.yml
│   │   ├── [ 148]  environment.rb
│   │   ├── [4.0K]  environments
│   │   │   ├── [1.3K]  development.rb
│   │   │   ├── [2.4K]  production.rb
│   │   │   └── [1.5K]  test.rb
│   │   ├── [4.0K]  initializers
│   │   │   ├── [ 404]  backtrace_silencers.rb
│   │   │   ├── [ 533]  inflections.rb
│   │   │   ├── [ 205]  mime_types.rb
│   │   │   ├── [ 495]  secret_token.rb
│   │   │   ├── [ 404]  session_store.rb
│   │   │   └── [ 465]  wrap_parameters.rb
│   │   ├── [4.0K]  locales
│   │   │   └── [ 214]  en.yml
│   │   └── [1.8K]  routes.rb
│   ├── [ 154]  config.ru
│   ├── [4.0K]  db
│   │   └── [ 343]  seeds.rb
│   ├── [4.0K]  doc
│   │   └── [ 211]  README_FOR_APP
│   ├── [ 798]  Gemfile
│   ├── [2.8K]  Gemfile.lock
│   ├── [4.0K]  lib
│   │   ├── [4.0K]  assets
│   │   └── [4.0K]  tasks
│   ├── [4.0K]  log
│   ├── [4.0K]  public
│   │   ├── [ 728]  404.html
│   │   ├── [ 711]  422.html
│   │   ├── [ 643]  500.html
│   │   ├── [   0]  favicon.ico
│   │   └── [ 204]  robots.txt
│   ├── [ 269]  Rakefile
│   ├── [  27]  README.md
│   ├── [4.0K]  script
│   │   └── [ 295]  rails
│   ├── [4.0K]  test
│   │   ├── [4.0K]  fixtures
│   │   ├── [4.0K]  functional
│   │   │   └── [ 161]  home_controller_test.rb
│   │   ├── [4.0K]  integration
│   │   ├── [4.0K]  performance
│   │   │   └── [ 370]  browsing_test.rb
│   │   ├── [ 454]  test_helper.rb
│   │   └── [4.0K]  unit
│   │       └── [4.0K]  helpers
│   │           └── [  71]  home_helper_test.rb
│   └── [4.0K]  vendor
│       ├── [4.0K]  assets
│       │   ├── [4.0K]  javascripts
│       │   └── [4.0K]  stylesheets
│       └── [4.0K]  plugins
├── [ 515]  Dockerfile
└── [ 126]  README.md

37 directories, 45 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.