RubyFlow : The Ruby Community Blog

Home   Submit   Sign Up   Log In   leaders   Twitter   RSS Feed  

Rails PoC exploits for CVE-2013-0156 and CVE-2013-0155

I finished developing Proof-of-Concept (PoC) exploits for Rails vulnerabilities CVE-2013-0156 and CVE-2013-0155. Read the write up or read the exploits: rails_dos.rb, rails_jsonq.rb, rails_sqli.rb, rails_rce.rb. If you haven't already upgraded Rails, DO IT NOW!


Post a Comment

Comment abilities for non registered users are currently deactivated, pending time to add a proper CAPTCHA to solve the escalating spam problem. Sorry!