This Metasploit module implements remote command execution on Ruby on Rails applications. The prerequisite is knowledge of the "secret_token" (Rails 2/3) or "secret_key_base" (Rails 4). The values for those can usually be found in the file "RAILS_ROOT/config/initializers/secret_token.rb". The module achieves RCE by deserialization of a crafted Ruby object.
11be9f012016644efb3d2156025a67454ab17fda375b0d1a9de05a368b0ca5e5
This is a supplement to the SA-20130719-0 SEC Consult advisory that notes an additional attack vector for an XXE injection vulnerability in Sybase EAServer.
3cbd8730ac23a8caf0246048e716bcb96d05f72f025815f74e98ae2ed65f3b29
Gnew 2013.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
80679433b4e600df7f78f562168c34eddf4022c22bb329027e86bbdd82d27939
vbBux / vbPlaza version 4.0.3 suffers from a remote SQL injection vulnerability.
60d34baba3032357c8f4c140195265873cbe3acd91d1fd2d312b54877a0c9f04
Tienda-Online-Economica suffers from a cross site scripting vulnerability. Note that this advisory has site-specific information.
62ff9834c5c84f12eb4aff43ae6bea0e8a355fae7ff4fe8fd4b34bfed93abad1
HTCSyncManagerUpdate suffers from a DLL hijacking vulnerability.
ad905bd9bcf7e2e3e3dede4db2a90756d50e43d1bf2fbb25720795e376245cda