31 matches found
UBUNTU-CVE-2026-48589
Apache Shiro’s Jakarta EE module used the HTTP Referer header in certain cases to issue a redirect after a user login. In affected versions, insufficient validation of this client-controlled value could allow an attacker to influence the redirect target in applications using the Jakarta EE module...
EUVD-2026-31738
Apache Shiro’s Jakarta EE module used the HTTP Referer header in certain cases to issue a redirect after a user login. In affected versions, insufficient validation of this client-controlled value could allow an attacker to influence the redirect target in applications using the Jakarta EE module...
CVE-2026-48589
Apache Shiro’s Jakarta EE module used the HTTP Referer header in certain cases to issue a redirect after a user login. In affected versions, insufficient validation of this client-controlled value could allow an attacker to influence the redirect target in applications using the Jakarta EE module...
Apache Shiro Security Vulnerability
Apache Shiro is a set of Java security frameworks for performing authentication, authorization, encryption, and session management from the Apache Foundation USA. A security vulnerability exists in Apache Shiro versions 2.0-alpha through 2.2.0 and 3.0.0-alpha-1, which stems from insufficient...
EUVD-2006-1914
Malware in sbrugna...
EUVD-2005-0223
Malware in sbrugna...
vbPortal 2.0 alpha 8.1 Authentication SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8613/info It has been reported that vbPortal is prone to SQL injection attacks when authenticating users. The problem occurs due to insufficient sanitization of the $aid variable, used to store the name of the...
Sql injection
SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a searchgames action...
iGaming CMS 2.0 Alpha 1 - 'search.php' SQL Injection
!/usr/bin/perl ----------------------------------------------------- iGaming CMS 2.0 Alpha 1 Remote SQL Injection Exploit By StAkeR aka athos - StAkeRathotmaildotit On 16/10/2008 http://www.igamingcms.com/iGaming2Alpha.zip ----------------------------------------------------- use strict; use...
WWWboard password disclosure
//A vulnerability found in WWWboard that shows the administrative user names and passwords. Although the password is hashed, it can easily be decoded. //Affected versions: Version 2.0 ALPHA 2 //File name: passwd.txt //File location: http://victim/wwwboard/passwd.txt //Google dork:...
WWWBoard 2.0 Alpha 2 (passwd.txt) Password Disclosure Vulnerability
WWWBoard 2.0 Alpha 2 passwd.txt Password Disclosure Vulnerability Affected Software: WWWBoard 2.0 Alpha Download: http://www.scriptarchive.com/wwwboard.html Bugfounder: bd0rk Contact: bd0rkathackermail.com Greetz: str0ke, Döner, TheJT, x0r32 +Exploit: http://target/wwwboardpath/passwd.txt...
WWWBoard 2.0 - 'passwd.txt' Remote Password Disclosure
WWWBoard 2.0 Alpha 2 passwd.txt Password Disclosure Vulnerability Affected Software: WWWBoard 2.0 Alpha Download: http://www.scriptarchive.com/wwwboard.html Bugfounder: bd0rk Contact: bd0rkathackermail.com Greetz: str0ke, Döner, TheJT, x0r32 +Exploit: http://target/wwwboardpath/passwd.txt...
WWWBoard 2.0 - passwd.txt Remote Password Disclosure
WWWBoard 2.0 - passwd.txt Remote Password Disclosure WWWBoard 2.0 Alpha 2 passwd.txt Password Disclosure Vulnerability Affected Software: WWWBoard 2.0 Alpha Download: http://www.scriptarchive.com/wwwboard.html Bugfounder: bd0rk Contact: bd0rkathackermail.com Greetz: str0ke, Döner, TheJT, x0r32...
WWWBoard 2.0 (passwd.txt) Remote Password Disclosure Vulnerability
No description provided by source. WWWBoard 2.0 Alpha 2 passwd.txt Password Disclosure Vulnerability Affected Software: WWWBoard 2.0 Alpha Download: http://www.scriptarchive.com/wwwboard.html Bugfounder: bd0rk Contact: bd0rkathackermail.com Greetz: str0ke, Döner, TheJT, x0r32 +Exploit:...
WWWBoard 2.0 (passwd.txt) Remote Password Disclosure Vulnerability
Exploit for cgi platform in category web applications ================================================================== WWWBoard 2.0 passwd.txt Remote Password Disclosure Vulnerability ================================================================== Affected Software: WWWBoard 2.0 Alpha...
Sql injection
SQL injection vulnerability in topics.php in DbbS 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the fcategoryid parameter...
Design/Logic Flaw
DbbS 2.0-alpha and earlier allows remote attackers to obtain sensitive information via an invalid (1) fcategoryid parameter to topics.php or (2) unavariabile, (3) GLOBALS, or (4) SERVER parameters to script.php. NOTE: this information leak might be resultant from a global variable overwrite issue...
CVE-2006-1915
SQL injection vulnerability in topics.php in DbbS 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the fcategoryid parameter...
CVE-2006-1914
DbbS 2.0-alpha and earlier allows remote attackers to obtain sensitive information via an invalid (1) fcategoryid parameter to topics.php or (2) unavariabile, (3) GLOBALS, or (4) SERVER parameters to script.php. NOTE: this information leak might be resultant from a global variable overwrite issue...
CVE-2006-1915
The CVE-2006-1915 entry affects DbbS 2.0-alpha and earlier, with a vulnerability in topics.php where the fcategoryid parameter is unsafely used, enabling remote attackers to execute arbitrary SQL commands. Root cause is likely improper input handling leading to SQL injection. Impact is arbitrary ...