25 matches found
Furniture Mod - Base64 encoded String, Exported ContentProvider, Hardcoded secrets vulnerabilities
HackApp vulnerability scanner discovered that application Furniture Mod published at the 'play' market has multiple vulnerabilities...
CVE-2015-8213
The getformat function in utils/formats.py in Django before 1.7.x before 1.7.11, 1.8.x before 1.8.7, and 1.9.x before 1.9rc2 might allow remote attackers to obtain sensitive application secrets via a settings key in place of a date/time format setting, as demonstrated by SECRETKEY...
CVE-2015-8213
The getformat function in utils/formats.py in Django before 1.7.x before 1.7.11, 1.8.x before 1.8.7, and 1.9.x before 1.9rc2 might allow remote attackers to obtain sensitive application secrets via a settings key in place of a date/time format setting, as demonstrated by SECRETKEY...
CVE-2015-8213
CVE-2015-8213 affects Django: get_format in utils/formats.py could expose sensitive settings (e.g., SECRET_KEY) when a format is taken from a settings key instead of a date/time format. Affected versions: Django 1.7.x before 1.7.11, 1.8.x before 1.8.7, and 1.9.x before 1.9rc2. Impact is informati...
CVE-2015-8213
The getformat function in utils/formats.py in Django before 1.7.x before 1.7.11, 1.8.x before 1.8.7, and 1.9.x before 1.9rc2 might allow remote attackers to obtain sensitive application secrets via a settings key in place of a date/time format setting, as demonstrated by SECRETKEY...