Description
Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument.
Remediation
References
Related Vulnerabilities
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.17)
Zope Web Application Server Other Vulnerability (CVE-2000-0483)
WordPress 4.3.x Cross-Site Scripting Vulnerability (4.3 - 4.3.1)
WordPress Plugin Quick Contact Form Security Bypass (8.0.1)
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-6660)