CVE-2016-3952 in Web2py信息

摘要

由 MITRE

web2py before 2.14.1, when using the standalone version, allows remote attackers to obtain environment variable values via a direct request to examples/template_examples/beautify. NOTE: this issue can be leveraged by remote attackers to gain administrative access.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Do you know our Splunk app?

Download it now for free!