13 matches found
CVE-2023-45158
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging not the default configuration, a crafted web request may execute an arbitrary OS command on the web server using the product...
Linux Distros Unpatched Vulnerability : CVE-2023-45158
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging not the default...
CVE-2023-45158
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging not the default configuration, a crafted web request may execute an arbitrary OS command on the web server using the product...
CVE-2023-45158
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging not the default configuration, a crafted web request may execute an arbitrary OS command on the web server using the product...
CVE-2023-45158
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging not the default configuration, a crafted web request may execute an arbitrary OS command on the web server using the product...
Command injection
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging not the default configuration, a crafted web request may execute an arbitrary OS command on the web server using the product...
UBUNTU-CVE-2023-45158
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging not the default configuration, a crafted web request may execute an arbitrary OS command on the web server using the product...
CVE-2023-45158
Affected software: web2py 2.24.1 and earlier. Issue: OS command injection when logging is configured to use notifySendHandler (not the default). A crafted request may execute arbitrary commands on the web server due to insufficient input handling. Practical impact: potential full compromise of th...
CVE-2023-45158
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging not the default configuration, a crafted web request may execute an arbitrary OS command on the web server using the product...
CVE-2023-45158
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging not the default configuration, a crafted web request may execute an arbitrary OS command on the web server using the product...
web2py vulnerable to OS command injection
Overview web2py web application framework contains an OS command injection vulnerability CWE-78. Masashi Yamane of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact When web2py is configured to u...
JVN#80476432: web2py vulnerable to OS command injection
web2py web application framework contains an OS command injection vulnerability CWE-78. Impact When web2py is configured to use notifySendHandler for logging not the default configuration, a crafted web request may execute an arbitrary OS command on the web server using the product. Solution Upda...
PT-2023-7673 · Web2Py · Web2Py
Name of the Vulnerable Software and Affected Versions: web2py versions 2.24.1 and earlier Description: A command injection vulnerability exists in the product. When configured to use notifySendHandler for logging, a crafted web request may execute an arbitrary OS command on the web server. This...