CVE-2016-3954 in Web2pyजानकारी

सारांश

द्वारा MITRE

web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

आरक्षित करना

05/04/2016

प्रकटीकरण

06/02/2018

प्रविष्टि

VDB-112874

EPSS

0.01411

गतिविधियाँ

बहुत कम

स्रोत

Do you need the next level of professionalism?

Upgrade your account now!