EXPLOITDB-EDB-46585

EXPLOITDB python WORKING POC
Exploit for CVE-2019-5418 - Ruby On Rails File Content Disclosure (
AI Analysis

This exploit leverages CVE-2019-5418, a directory traversal vulnerability in Ruby on Rails, by manipulating the 'Accept' header to disclose arbitrary file contents. The script sends a crafted HTTP request with a malicious header to read files from the server.

Attack Type: info_leak
Complexity: trivial
Reliability: reliable
MITRE ATT&CK:
T1005 - Data from Local System
T1190 - Exploit Public-Facing Application
Source
Platform: Exploitdb
Type: webapps
Platform: multiple
Language: python
Files: 1
Authors: NotoriousRebel
Vulnerability
CVE-2019-5418
Ruby On Rails File Content Disclosure (
HIGH KEV
CVSS 7.5