ruby

日期	标题	类别	作者
2023-05-26	Camaleon CMS v2.7.0 – Server-Side Template Injection (SSTI)	webapps	PARAG BAGUL
2023-05-23	Cameleon CMS 2.7.4 – Persistent Stored XSS in Post Title	webapps	Yasin Gergin
2023-04-06	pdfkit v0.8.7.2 – Command Injection	local	UNICORD
2023-04-01	GitLab v15.3 – Remote Code Execution (RCE) (Authenticated)	webapps	Antonio Francesco Sardella
2022-04-26	GitLab 14.9 – Stored Cross-Site Scripting (XSS)	webapps	Greenwolf
2022-04-26	Gitlab 14.9 – Authentication Bypass	webapps	Greenwolf
2021-11-17	GitLab 13.10.2 – Remote Code Execution (RCE) (Unauthenticated)	webapps	Jacob Baines
2021-06-04	Gitlab 13.10.2 – Remote Code Execution (Authenticated)	webapps	enox
2021-06-03	Gitlab 13.9.3 – Remote Code Execution (Authenticated)	webapps	enox
2021-05-03	GitLab Community Edition (CE) 13.10.3 – ‘Sign_Up’ User Enumeration	webapps	4D0niiS
2021-05-03	GitLab Community Edition (CE) 13.10.3 – User Enumeration	webapps	4D0niiS
2021-01-27	STVS ProVision 5.9.10 – Cross-Site Request Forgery (Add Admin)	webapps	LiquidWorm
2021-01-27	STVS ProVision 5.9.10 – File Disclosure (Authenticated)	webapps	LiquidWorm
2020-12-24	GitLab 11.4.7 – RCE (Authenticated) (2)	webapps	Norbert Hofmann
2020-12-14	GitLab 11.4.7 – Remote Code Execution (Authenticated) (1)	webapps	Fortunato Lodari
2020-11-19	Gitlab 12.9.0 – Arbitrary File Read (Authenticated)	webapps	Jasper Rasenberg
2020-07-26	Rails 5.0.1 – Remote Code Execution	webapps	Lucas Amorim
2020-05-06	GitLab 12.9.0 – Arbitrary File Read	webapps	KouroshRZ
2019-03-28	Fat Free CRM 0.19.0 – HTML Injection	webapps	Ismail Tasdelen
2018-10-15	AlchemyCMS 4.1 – Cross-Site Scripting	webapps	Ismail Tasdelen
2018-10-12	CAMALEON CMS 2.4 – Cross-Site Scripting	webapps	Ismail Tasdelen
2018-05-02	Metasploit Framework – ‘msfd’ Remote Code Execution (Metasploit)	remote	Metasploit
2018-05-02	Metasploit Framework – ‘msfd’ Remote Code Execution (via Browser) (Metasploit)	remote	Metasploit
2017-12-02	Ruby < 2.2.8 / < 2.3.5 / < 2.4.2 / < 2.5.0-preview1 - 'NET::Ftp' Command Injection	local	Etienne Stalmans