CVE-2016-3954 in Web2pyinfo

Zusammenfassung

von MITRE

web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservieren

05.04.2016

Veröffentlichung

06.02.2018

Moderieren

akzeptiert

Eintrag

VDB-112874

CPE

bereit

EPSS

0.01411

KEV

nein

Aktivitäten

very low

Quellen

Do you want to use VulDB in your project?

Use the official API to access entries easily!