CVE-2014-125112

Published: Mar 26, 2026 Last Modified: Mar 26, 2026

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution.

Plack::Middleware::Session::Cookie versions through 0.21 has a security vulnerability where it allows an attacker to execute arbitrary code on the server during deserialization of the cookie data, when there is no secret used to sign the cookie.

565

Reliance on Cookies without Validation and Integrity Checking

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Availability Access Control

Potential Impacts:

Modify Application Data Execute Unauthorized Code Or Commands Gain Privileges Or Assume Identity

Applicable Platforms

All platforms may be affected

View CWE Details

https://gist.github.com/miyagawa/2b8764af908a0dacd43d

https://metacpan.org/release/MIYAGAWA/Plack-Middleware-Sess…

https://metacpan.org/release/MIYAGAWA/Plack-Middleware-Session-0.23-TRIAL/chang…

CVE-2014-125112

Description

Reliance on Cookies without Validation and Integrity Checking

Common Consequences

Applicable Platforms

Iscriviti alla newsletter