Количество 4
Количество 4
CVE-2016-3954
web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957.
CVE-2016-3954
web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957.
CVE-2016-3954
web2py before 2.14.2 allows remote attackers to obtain the session_coo ...
GHSA-jr83-vr4j-mp6p
web2py exposure of sensitive information
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-3954 web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957. | CVSS3: 5.5 | 0% Низкий | около 8 лет назад |
 | CVE-2016-3954 web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957. | CVSS3: 5.5 | 0% Низкий | около 8 лет назад |
| CVE-2016-3954 web2py before 2.14.2 allows remote attackers to obtain the session_coo ... | CVSS3: 5.5 | 0% Низкий | около 8 лет назад |
| GHSA-jr83-vr4j-mp6p web2py exposure of sensitive information | CVSS3: 5.5 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу