CVE-2016-3954 in Web2pyИнформация

Сводка

по MITRE

web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Резервировать

05.04.2016

Раскрытие

06.02.2018

Модерация

принято

Вход

VDB-112874

EPSS

0.01411

KEV

Нет

Деятельности

Очень низкий

Источники

Do you want to use VulDB in your project?

Use the official API to access entries easily!