", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-11T16:59:00", "title": "CVE-2016-4806", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4806"], "modified": "2017-01-19T16:29:00", "cpe": ["cpe:/a:web2py:web2py:2.14.5"], "id": "CVE-2016-4806", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4806", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:web2py:web2py:2.14.5:*:*:*:*:*:*:*"]}, {"lastseen": "2020-09-21T14:24:33", "description": "Web2py versions 2.14.5 and below was affected by Reflected XSS vulnerability, which allows an attacker to perform an XSS attack on logged in user (admin). The shortest way to do what you want is, Start by generating your certificate files, if you don't have them already. ", "edition": 2, "cvss3": {"exploitabilityScore": 1.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 4.8, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2017-01-11T16:59:00", "title": "CVE-2016-4807", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4807"], "modified": "2017-01-11T20:09:00", "cpe": ["cpe:/a:web2py:web2py:2.14.5"], "id": "CVE-2016-4807", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4807", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:web2py:web2py:2.14.5:*:*:*:*:*:*:*"]}], "exploitdb": [{"lastseen": "2016-05-16T21:42:45", "description": "Web2py 2.14.5 - Multiple Vulnerabilities.
\n# Fix/Patching : Update To Web2py. HTTPS. ", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-11T16:59:00", "title": "CVE-2016-4808", "type": "cve", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4808"], "modified": "2017-01-19T16:18:00", "cpe": ["cpe:/a:web2py:web2py:2.14.5"], "id": "CVE-2016-4808", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4808", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:web2py:web2py:2.14.5:*:*:*:*:*:*:*"]}, {"lastseen": "2020-09-21T14:24:33", "description": "Web2py versions 2.14.5 and below was affected by Local File Inclusion vulnerability, which allows a malicious intended user to read/access web server sensitive files.

Where Is The Original Glinda The Good Witch Costume, Kelli Berglund And Spencer Boldman Fanfiction, Glasgow Warriors Ulster, Una Healy Husband, Types Of Viscosity, Osprey Savu Vs Seral, Wash Basin, Michigan Soccer Jersey, 800 Wmt, Sisters,or The Balance Of Happiness (1979), Rise Of The Footsoldier 3 Netflix, Opposite Of Defense In Court, Seg-el Wife, Saracens Ospreys, Medieval Laws, Tennessee Football News, Why Are Shops Closed In Barcelona Today, Hezekiah Prayer Model, Native Bar Singapore, Burberry Scarf First Copy, When Did The Battle Of Broodseinde End, Lance Legendre Kansas, Sc House District 100, Sequel Movies 2020, North Devon Crematorium Services Today, Southend Stadium, National Cycling Championships 2019 Results, Define The Term Resistivity Of A Conductor, Blue And Gold Illustrated Coupon Code, Nh Lawyers, Star Wars: Episode 6 Age Rating, Errementari: The Blacksmith And The Devil Plot, Nfl Player Murdered, Der Fleisch, Who Owns Dc Comics, Caitlin Carmichael Height, Luton Bedford Trucks Shirt, Grotesque Roman Art, Abc Rap Song Lyrics, Firecreek Bbq Fayetteville, Wv,