exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2012-2661

больше 13 лет назад

The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.

CVSS2: 5

EPSS: Низкий

CVE-2012-2661

больше 13 лет назад

The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.

CVSS2: 4.3

EPSS: Низкий

CVE-2012-2661

больше 13 лет назад

The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.

CVSS2: 5

EPSS: Низкий

CVE-2012-2661

больше 13 лет назад

The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1. ...

CVSS2: 5

EPSS: Низкий

GHSA-fh39-v733-mxfr

больше 8 лет назад

Active Record vulnerable to SQL Injection via nested query parameters

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2012-2661 The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.	CVSS2: 5	1% Низкий	больше 13 лет назад
CVE-2012-2661 The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.	CVSS2: 4.3	1% Низкий	больше 13 лет назад
CVE-2012-2661 The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.	CVSS2: 5	1% Низкий	больше 13 лет назад
CVE-2012-2661 The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1. ...	CVSS2: 5	1% Низкий	больше 13 лет назад
GHSA-fh39-v733-mxfr Active Record vulnerable to SQL Injection via nested query parameters		1% Низкий	больше 8 лет назад

Уязвимостей на страницу