Course
In this lab, we explore a Ruby application vulnerable to code injection through the use of the <code>eval</code> function. By manipulating the <code>username</code> parameter, we can execute arbitrary commands on the server.
Skills covered
Injection
Operating System
CWE-20, CWE-95
Included with PRO
Full course content
2 videos
Common mistakes
Ready to practice?
Get access to this lab and 600+ hands-on exercises with a PRO subscription.
