30 matches found
CVE-2024-13933
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-19 13:49:08+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/8040 |
| 2025-03-19 14:38:30+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lkqfwsy3rw2j |
| 2025-03-19 14:38:44+00:00 | seen | https://t.me/cvedetector/20633 |

2025-03-19...
CVE-2024-13933
CVE-2024-13933 : FoodBakery | Delivery Restaurant Directory WordPress Theme (≤ 4.7) has a Cross-Site Request Forgery flaw due to missing/incorrect nonce validation across multiple functions (foodbakery_var_backup_file_delete, foodbakery_widget_file_delete, theme_option_save, export_widget_setting...
CVE-2024-13933 FoodBakery | Delivery Restaurant Directory WordPress Theme <= 4.7 - Cross-Site Request Forgery in Multiple Functions
The FoodBakery | Delivery Restaurant Directory WordPress Theme theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.7. This is due to missing or incorrect nonce validation on the foodbakery_var_backup_file_delete, foodbakery_widget_file_delete,...
Ubuntu: Security Advisory (USN-6352-1)
The remote host is missing an update for the...
USN-6352-1 shiro vulnerabilities
It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass security restrictions. CVE-2020-13933, CVE-2020-17510...
USN-6352-1: Apache Shiro vulnerabilities
It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass security restrictions. CVE-2020-13933, CVE-2020-17510...
Ubuntu 18.04 ESM / 20.04 LTS : Apache Shiro vulnerabilities (USN-6352-1)
The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6352-1 advisory. It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass...
Exploit for CVE-2020-13933
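CVE-2020-13933 test bed. Shiro permission configuration: when a /res/ resource is requested, a 302 redirects to the login page for authentication - NameController.java: · /res/name: requests the resource named name (triggers authentication) · /res/: requests no resource (does not trigger authentication). Test bed verification: when no resource name is specified in the request route, authentication is not triggered and no resource is returned: http://127.0.0.1:8080/res/ When a resource name is specified in the request route, a 302 redirects to the authentication page: http://127.0.0.1:8080/res/poc Construct a specific PoC...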
CVE-2020-13933
| creationtimestamp | type | source |
|---|---|---|
| 2023-01-24 22:52:24+00:00 | published-proof-of-concept | https://t.me/GithubRedTeam/3707 |

...
CVE-2018-13933
CVE-2018-13933 is rejected and does not represent an active vulnerability entry.
Debian DLA-2726-1 : shiro - LTS security update
The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2726 advisory. It was discovered that there were two issues in shiro, a security framework for Java applications: CVE-2020-13933 Fix an authentication bypass resulting from a...
Debian: Security Advisory (DLA-2726-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 2726-1] shiro security update
Debian LTS Advisory DLA-2726-1 https://www.debian.org/lts/security/ Roberto C. Sánchez August 02, 2021 https://wiki.debian.org/LTS Package: shiro Version: 1.3.2-1+deb9u2 CVE ID: CVE-2020-13933 CVE-2020-17510 Debian Bug: 968753 It was discovered that there were two...
be.fluid-it.guice.extensions:guice-multi-shiro-realms (=0.1-1), be.fluid-it.shiro.jee:shiro-jee-authc (>=0.1-1 <=0.1-3) +2823 more potentially affected by CVE-2020-13933 via org.apache.shiro:shiro-core (>=1.0.0-incubating <=1.5.3)
org.apache.shiro:shiro-core MAVEN version =1.0.0-incubating, =0.1-1, =4.0.0-RC2, =1.0.0, =1.0.0, =0.0.2, =0.0.21, =0.0.2, =0.0.1, =1.0.0, =0.1, =0.1, =0.2 and more Source cves: CVE-2020-13933 Source advisory: OSV:GHSA-2VGM-WXR3-6W2J...
Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R18 security and bug fix update
An update is now available for Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Fuse 7.8.0 release and security update
A minor version update from 7.7 to 7.8 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...
Security Bulletin: Apache Shiro as used by Master Console is vulnerable to improper access control (CVE-2020-13933)
Summary Apache Shiro as used by Master Console is vulnerable to improper access control Vulnerability Details CVEID: CVE-2020-13933 DESCRIPTION: Apache Shiro could allow a remote attacker to bypass security restrictions, caused by improper authentication validation. By sending a specially-crafte...
Exploit for CVE-2020-13933
CVE-2020-13933 – Test Bed shiro: Permission configuration...
CVE-2020-13933
Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass...