CVE-2016-3954 in Web2pyالمعلومات

الملخص

بحسب MITRE

web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

حجز

05/04/2016

إفشاء

06/02/2018

الاعتدال

تمت الموافقة

إدخال

VDB-112874

EPSS

0.01411

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you want to use VulDB in your project?

Use the official API to access entries easily!