espes
- Karma
- 304
- Created
- March 20, 2011 (15y ago)
- Submissions
- 0
-
tl;dr Due to rails parameter parsing oddities the sql injection vulnerability can be exploited even in a basic ActiveRecord app. The same technique yields an effective DOS. Put…
tl;dr Due to rails parameter parsing oddities the sql injection vulnerability can be exploited even in a basic ActiveRecord app. The same technique yields an effective DOS. Put…