N/A

The session.lua library in CGILua 5.0.x uses sequential session IDs, which makes it easier for remote attackers to predict the session ID and hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875.

N/A

N/A

CGILua 授权问题漏洞

CGILua是一款基于lua语言的用于创建动态网页的服务器端脚本语言。 CGILua 5.0.x版本存在授权问题漏洞，该漏洞源于网络系统或产品中缺少身份验证措施或身份验证强度不足。

N/A

N/A