Description
Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument.
Remediation
References