18 Feb '13, 3pm

Exploiting Unsafe Reflection in Ruby/Rails Applications

Started GET "/teste/index?class=ActiveSupport::Deprecation::DeprecatedInstanceVariableProxy&arg1=xxx&arg2=exit" for 127.0.0.1 at 2013-02-10 21:51:01 -0200 Connecting to database specified by database.yml Processing by TesteController#index as HTML Parameters: {"class"=>"ActiveSupport::Deprecation::DeprecatedInstanceVariableProxy", "arg1"=>"xxx", "arg2"=>"exit"} DEPRECATION WARNING: @exit is deprecated! Call exit.somemethod instead of @exit.somemethod. Args: []. (called from index at /home/user/myapp/app/controllers/teste_controller.rb:5) Completed 500 Internal Server Error in 1ms SystemExit (exit): app/controllers/teste_controller.rb:5:in `index'

Full article: http://blog.conviso.com.br/2013/02/exploiting-unsafe-refl...

Tweets

Zagrib News - Ruby On Rails Receives Its Third Security Patch In Less Than A Month: Developers of the Ruby on Ra...

Zagrib News - Ruby On Rails Receives Its Third ...

zagrib.com 16 Feb '13, 1pm

Saturday, February 16th, 2013 | Posted by pasarloak Ruby On Rails Receives Its Third Security Patch In Less Than A Month Y...

Toggle markdown wmd in share box in our ruby/ra...

freelancer.com 19 Feb '13, 7am

In our rails application we enable users to submit multiple types of feedback. We a few pages where we have share text box...

Ruby on Rails pdf ebook: #google

asaha.com 17 Feb '13, 2pm

http://files.fredbrunel.com-/docs./Ruby%20on%20Rails%20-%20Free%20Presentation.pdf Book Description: files fredbrunel docs...

[37s] Cambia: Ruby on Rails SWE

jobs.37signals.com 14 Feb '13, 5pm

"The harder I work, the luckier I get". Samuel Goldwyn For the first time ever, TailorWell is taking the world of employee...

Simple Ruby on Rails site w/ Authentication by ...

freelancer.com 18 Feb '13, 2am

I eventually need a Ruby on Rails web developer with top skills & motivation to be the primary developer (concept to launc...

#OWASP Ruby on Rails Cheatsheet

owasp.org 14 Feb '13, 5pm

This article intends to provide quick basic Ruby on Rails security tips for developers. The Rails framework abstracts deve...

Concepts, Design, Frontends & Ruby on Rails ··· Nico Hagenburger @hagenburger

Concepts, Design, Frontends & Ruby on Rails ···...

hagenburger.net 16 Feb '13, 12pm

Home Blog Contact Portfolio Hi, I’m Nico Hagenburger I enjoy designing clean, simple websites and developing web applicati...

Learn Web Development with the Ruby on Rails Tu...

ruby.railstutorial.org 17 Feb '13, 3am

Note that the goal of this book is not merely to teach Rails, but rather to teach web development with Rails , which means...

Ruby on Rails 3.2.12, 3.1.11 and 2.3.17 Released to Address #Security Holes #ccureit

Ruby on Rails 3.2.12, 3.1.11 and 2.3.17 Release...

news.softpedia.com 13 Feb '13, 11am

The developers of Ruby on Rails have released versions 3.2.12, 3.1.11 and 2.3.17. Ruby on Rails 3.2.12 and 3.1.11 fix one ...

Ruby on rails developer (all levels) at Whisk /...

workinstartups.com 12 Feb '13, 9pm

We're looking for an Ruby/Rails developers to help develop the front end for our next generation web platform. We're a you...

#Job Ruby on Rails developer by rslingo: Lookin...

freelancer.com 13 Feb '13, 9pm

Looking for a Rails developer to assist with creating a user login feature for a web app. Instead of a traditional signup ...

Ruby on Rails vulnerable to mass assignment and SQL injection

Ruby on Rails vulnerable to mass assignment and...

zweitag.de 11 Feb '13, 6pm

Ruby on Rails vulnerable to mass assignment and SQL injection During the last weeks Ruby on Rails has been hit by several ...

We are hiring Senior Ruby on Rails: Job Respons...

sysgen.com.ph 13 Feb '13, 7am

Must have a working knowledge of software design patterns, a clear understanding of web and system security issues and des...

Passare Inc.: Software Engineer - Ruby on Rails...

jobs.37signals.com 15 Feb '13, 11pm

Passare is an A-round funded company still in stealth mode. We are looking for engineers to grow our software team and hel...