📦 Web2py

by Web2py

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2016-3953

CRITICAL CVSS 9.8 Feb 6, 2018

This vulnerability in web2py's sample web application allows remote attackers to execute arbitrary code by exploiting a hardcoded encryption key in the session.connect function. Attackers can achieve ...

CVE-2016-3957

CRITICAL CVSS 9.8 Feb 6, 2018

This vulnerability allows remote attackers to execute arbitrary code on web2py applications by exploiting insecure deserialization of session cookies. Attackers can craft malicious cookies that, when ...

CVE-2016-10321

CRITICAL CVSS 9.8 Apr 10, 2017

This vulnerability in web2py allows remote attackers to bypass host-based access restrictions and perform brute-force password attacks against login systems. It affects web2py applications that use ho...

CVE-2016-3952

HIGH CVSS 7.8 Feb 6, 2018

This vulnerability in web2py allows remote attackers to read environment variables via direct access to the beautify example file. When combined with CVE-2016-3957, this information disclosure can be ...