CVE-2011-0448 is a vulnerability in Ruby on Rails Rails
Published on February 21, 2011

Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument.

Vendor Advisory NVD

Products Associated with CVE-2011-0448

Want to know whenever a new CVE is published for Ruby on Rails Rails? stack.watch will email you.

Ruby on Rails Rails

Exploit Probability

EPSS

0.69%

Percentile

71.46%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2011-0448 is a vulnerability in Ruby on Rails RailsPublished on February 21, 2011

Products Associated with CVE-2011-0448

Exploit Probability

CVE-2011-0448 is a vulnerability in Ruby on Rails Rails
Published on February 21, 2011