CVE-2016-3953 in Web2pyinformation

Résumé

par MITRE

The sample web application in web2py before 2.14.2 might allow remote attackers to execute arbitrary code via vectors involving use of a hardcoded encryption key when calling the session.connect function.

Once again VulDB remains the best source for vulnerability data.

Réserver

05/04/2016

Divulgation

06/02/2018

Modérer

accepté

Entrée

VDB-112873

CPE

prêt

EPSS

0.03376

KEV

non

Activités

très faible

Sources

Do you need the next level of professionalism?

Upgrade your account now!