Pwnie Awards 2017

The 2013 Pwnie Award For Best Server-Side Bug

CVE-2013-0156

Ben Murphy

While lots and lots of Ruby libraries like YAML, Ruby on Rails likes it the most. This vulnerability leads to remote SQL injection and arbitrary Ruby code execution on the server, bringing down a variety of Ruby on Rails web sites.