Web2py

Latest version: v2.1.1

Vulnerabilities (13)

| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2015-6961 | 65858 | Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows… | ==2.9.11 | MEDIUM | 6.1 |
| CVE-2023-45158 | 70381 | A vulnerability in versions of web2py up to 2.24.1 involves an OS com… | <=2.24.1 | CRITICAL | 9.8 |
| CVE-2016-10321 | 65859 | web2py before 2.14.6 does not properly check if a host is denied befo… | <2.14.6 | CRITICAL | 9.8 |
| CVE-2016-4808 | 65834 | Web2py versions 2.14.5 and below was affected by CSRF (Cross Site Req… | <=2.14.5 | HIGH | 8.8 |
| CVE-2016-4807 | 70529 | Web2py versions 2.14.5 and below was affected by Reflected XSS vulner… | <=2.14.5 | MEDIUM | 4.8 |
| CVE-2016-4806 | 70528 | Web2py versions 2.14.5 and below was affected by Local File Inclusion… | <=2.14.5 | HIGH | 7.5 |
| CVE-2016-3954 | 65833 | web2py before 2.14.2 allows remote attackers to obtain the session_co… | <2.14.2 | MEDIUM | 5.5 |
| CVE-2016-3953 | 65860 | The sample web application in web2py before 2.14.2 might allow remote… | <2.14.2 | CRITICAL | 9.8 |
| CVE-2016-3957 | 65861 | The secure_load function in gluon/utils.py in web2py before 2.14.2 us… | <2.14.2 | CRITICAL | 9.8 |
| CVE-2016-3952 | 70561 | web2py before 2.14.1, when using the standalone version, allows remot… | <2.14.1 | HIGH | 7.8 |
| CVE-2013-2311 | 65832 | Cross-site scripting (XSS) vulnerability in static/js/share.js (aka t… | >=0,<2.3.2 | MEDIUM | 4.3 |
| CVE-2023-22432 | 54662 | Open redirect vulnerability exists in web2py versions prior to 2.23.1… | >=0,<2.23.1 | MEDIUM | 6.1 |
| CVE-2022-33146 | 54428 | Open redirect vulnerability in web2py versions prior to 2.22.5 allows… | >=0,<2.22.5 | MEDIUM | 6.1 |