NOMISEC-mpgn/CVE-2019-5418
NOMISEC WORKING POC
Exploit for CVE-2019-5418
- Ruby On Rails File Content Disclosure (
AI Analysis
This repository contains a working proof-of-concept for CVE-2019-5418, demonstrating file content disclosure in Ruby on Rails via crafted Accept headers. The exploit leverages a vulnerability in Action View's `render file:` functionality to read arbitrary files on the server.
Attack Type
info_leak
Complexity
trivial
Reliability
reliable
Click anywhere or press Esc to close