CVE-2013-7222 in Fat Free信息

摘要

由 VulDB • 2026-06-28

在Fat Free CRM 0.12.1之前的版本中,config/initializers/secret_token.rb文件存在一个固定的FatFreeCRM::Application.config.secret_token值,这使得远程攻击者通过引用源代码中的密钥更容易伪造签名Cookie。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!