Description
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting.
Remediation
References
Related Vulnerabilities
WordPress Plugin MasterStudy LMS-for Online Courses and Education Local File Inclusion (3.3.0)
Atlassian Jira Improper Authentication Vulnerability (CVE-2019-8443)
WordPress Plugin Verify Google Webmaster Tools Unspecified Vulnerability (1.3)
MySQL CVE-2012-1757 Vulnerability (CVE-2012-1757)
TYPO3 Use of Insufficiently Random Values Vulnerability (CVE-2010-3666)