exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2012-2695

больше 13 лет назад

The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.

CVSS2: 7.5

EPSS: Низкий

CVE-2012-2695

больше 13 лет назад

The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.

CVSS2: 4.3

EPSS: Низкий

CVE-2012-2695

больше 13 лет назад

The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.

CVSS2: 7.5

EPSS: Низкий

CVE-2012-2695

больше 13 лет назад

The Active Record component in Ruby on Rails before 3.0.14, 3.1.x befo ...

CVSS2: 7.5

EPSS: Низкий

GHSA-76wq-xw4h-f8wj

больше 8 лет назад

activerecord vulnerable to SQL Injection

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2012-2695 The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.	CVSS2: 7.5	1% Низкий	больше 13 лет назад
CVE-2012-2695 The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.	CVSS2: 4.3	1% Низкий	больше 13 лет назад
CVE-2012-2695 The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.	CVSS2: 7.5	1% Низкий	больше 13 лет назад
CVE-2012-2695 The Active Record component in Ruby on Rails before 3.0.14, 3.1.x befo ...	CVSS2: 7.5	1% Низкий	больше 13 лет назад
GHSA-76wq-xw4h-f8wj activerecord vulnerable to SQL Injection		1% Низкий	больше 8 лет назад

Уязвимостей на страницу