CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-06-01 15:11:34 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
b0e96c877abb080d7cf221c036336480ff266ccf
CVEs-PoC/2013/CVE-2013-0156.md
T
0xMarcio 48a00929ac Removed duplicates
2024-06-18 02:51:15 +02:00

49 lines
2.4 KiB
Markdown
Raw Blame History

### [CVE-2013-0156](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion.
### POC
#### Reference
- http://www.insinuator.net/2013/01/rails-yaml/
- https://community.rapid7.com/community/metasploit/blog/2013/01/09/serialization-mischief-in-ruby-land-cve-2013-0156
#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/Fa1c0n35/Web-CTF-Cheatshee
- https://github.com/JERRY123S/all-poc
- https://github.com/Jjdt12/kuang_grade_mk11
- https://github.com/Locale/localeapp
- https://github.com/R3dKn33-zz/CVE-2013-0156
- https://github.com/Zxser/Web-CTF-Cheatsheet
- https://github.com/beched/libpywebhack
- https://github.com/bsodmike/rails-exploit-cve-2013-0156
- https://github.com/chapmajs/rails_xml_vuln_demo
- https://github.com/chargify/chargify_api_ares
- https://github.com/chase439/chargify_api_ares
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/duckstroms/Web-CTF-Cheatsheet
- https://github.com/heroku/heroku-CVE-2013-0156
- https://github.com/hktalent/TOP
- https://github.com/jbmihoub/all-poc
- https://github.com/josal/crack-0.1.8-fixed
- https://github.com/mengdaya/Web-CTF-Cheatsheet
- https://github.com/michenriksen/nmap-scripts
- https://github.com/mitaku/rails_cve_2013_0156_patch
- https://github.com/pecha7x/localeapp
- https://github.com/rapid7/psych_shield
- https://github.com/superfish9/pt
- https://github.com/terracatta/name_reverser
- https://github.com/thesp0nge/dawnscanner
- https://github.com/w181496/Web-CTF-Cheatsheet
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/whitequark/disable_eval
Reference in New Issue View Git Blame Copy Permalink