plowsec/ror_cheatsheet.md

Created January 23, 2024 08:49

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/plowsec/276665a0c6c4cc52471417ff06c94152.js"></script>
Save plowsec/276665a0c6c4cc52471417ff06c94152 to your computer and use it in GitHub Desktop.

Download ZIP

ruby on rails bug patterns

Raw

ror_cheatsheet.md

sql injection from string concatenation

.(delete_all|from|where|find_by)\s*\((?:"[^"]*#\{[^\}]+\}"|'[^']*#\{[^\}]+\}'|:\w+\s*=>\s*[^)]+)\)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment