RSS   Vulnerabilities for 'Geocoder'   RSS

2020-01-25
 
CVE-2020-7981

CWE-89
 

 
sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when within_bounding_box is used in conjunction with untrusted sw_lat, sw_lng, ne_lat, or ne_lng data.

 


Copyright 2024, cxsecurity.com

 

Back to Top