• Rails SQL Injection Examples

    rails-sqli.org 23 Aug '13, 3pm

    This page lists many query methods and options in ActiveRecord which do not sanitize raw SQL arguments and are not intended to be called with unsafe user input. Careless use of these methods can open up code to SQL Injection exploits. The examples here do not include SQL injection fro...