
7 matches found

OSV
added 2022/05/14 12:57 a.m. | 20 views

GHSA-JR83-VR4J-MP6P web2py exposure of sensitive information

web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957...

5.5 CVSS | 7.8 AI score | 0.0499 EPSS
Exploits 2 | References 5
Github Security Blog
added 2022/05/14 12:57 a.m. | 22 views

web2py exposure of sensitive information

web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957...

5.5 CVSS | 7.9 AI score | 0.01411 EPSS
Exploits 1 | References 5 | Affected Software 1
OpenVAS
added 2019/06/22 12:0 a.m. | 65 views

Ubuntu: Security Advisory (USN-4030-1)

The remote host is missing an update for the...

9.8 CVSS | 7.5 AI score | 0.0499 EPSS
Exploits 4 | References 2
Prion
added 2018/02/06 6:29 p.m. | 13 views

Design/Logic Flaw

web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957...

2.1 CVSS | 9.6 AI score | 0.0499 EPSS
Exploits 2 | References 2 | Affected Software 1
OSV
added 2018/02/06 6:29 p.m. | 16 views

CVE-2016-3954

web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957...

5.5 CVSS | 8.2 AI score | 0.0499 EPSS
Exploits 1 | References 2
CVE
added 2018/02/06 6:0 p.m. | 65 views

CVE-2016-3957

Web2py

9.8 CVSS | 7.7 AI score | 0.0499 EPSS
Exploits 1 | References 3 | Affected Software 1
UbuntuCve
added 2018/02/06 12:0 a.m. | 17 views

CVE-2016-3954

web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957...

5.5 CVSS | 7.2 AI score | 0.01411 EPSS
Exploits 1 | References 3