Lucene search
GoogleOSV:GHSA-JR83-VR4J-MP6PHistoryMay 14, 2022 - 12:57 a.m.
web2py exposure of sensitive information
2022-05-1400:57:47
Google
osv.dev
1
web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957.
Related
cve
cve
CVE-2016-3954
2018-02-06 18:29:00
CVE-2016-3957
2018-02-06 18:29:00
nvd
nvd
CVE-2016-3954
2018-02-06 18:29:00
CVE-2016-3957
2018-02-06 18:29:00
github
github
web2py exposure of sensitive information
2022-05-14 00:57:47
cvelist
cvelist
CVE-2016-3954
2018-02-06 18:00:00
CVE-2016-3957
2018-02-06 18:00:00
ubuntucve
ubuntucve
CVE-2016-3954
2018-02-06 00:00:00
CVE-2016-3957
2018-02-06 00:00:00
prion
prion
Design/Logic Flaw
2018-02-06 18:29:00
Design/Logic Flaw
2018-02-06 18:29:00
osv
osv
nessus
nessus
Ubuntu 16.04 LTS : web2py vulnerabilities (USN-4030-1)
2019-06-24 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4030-1)
2019-06-22 00:00:00
ubuntu
ubuntu
web2py vulnerabilities
2019-06-21 00:00:00