Lucene search
+L

649 matches found

Debian CVE
Debian CVE
added 2010/11/05 4:28 p.m.45 views

CVE-2010-3863

Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote attackers to bypass intended access restrictions via a crafted request, as demonstrated by the /./account/index.jsp URI...

5CVSS6.3AI score0.54799EPSS
Exploits2
CVE
CVE
added 2010/11/05 4:28 p.m.99 views

CVE-2010-3863

CVE-2010-3863 affects Apache Shiro (before 1.1.0) and JSecurity 0.9.x. The root cause is failure to canonicalize URI paths before comparing them to entries in the shiro.ini filter, allowing a remote attacker to bypass access restrictions with crafted requests such as GET /./account/index.jsp. The...

5CVSS6.5AI score0.54799EPSS
Exploits2References7Affected Software2
Cvelist
Cvelist
added 2010/11/05 4:28 p.m.31 views

CVE-2010-3863

Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote attackers to bypass intended access restrictions via a crafted request, as demonstrated by the /./account/index.jsp URI...

6.4AI score0.54799EPSS
Exploits2References7
securityvulns
securityvulns
added 2010/11/04 12:0 a.m.52 views

Apache Shiro protection bypass

Protection bypass via directory traversal...

5CVSS4.6AI score0.54799EPSS
Exploits2References1Affected Software1
Packet Storm
Packet Storm
added 2010/11/04 12:0 a.m.78 views

Apache Shiro Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2010-3863: Apache Shiro information disclosure vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Shiro 1.0.0-incubating The unsupported JSecurity 0.9.x versions are also affected Description:...

5CVSS6.6AI score0.54799EPSS
Exploits2
securityvulns
securityvulns
added 2010/11/04 12:0 a.m.141 views

CVE-2010-3863: Apache Shiro information disclosure vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2010-3863: Apache Shiro information disclosure vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Shiro 1.0.0-incubating The unsupported JSecurity 0.9.x versions are also affected Description:...

5CVSS5.8AI score0.54799EPSS
Exploits2
exploitpack
exploitpack
added 2010/11/02 12:0 a.m.19 views

Apache Shiro - Directory Traversal

Apache Shiro - Directory Traversal source: https://www.securityfocus.com/bid/44616/info Apache Shiro is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that coul...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2010/11/02 12:0 a.m.67 views

Apache Shiro - Directory Traversal

source: https://www.securityfocus.com/bid/44616/info Apache Shiro is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. Apache...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2009/06/29 12:0 a.m.23 views

phpFanfiction SQL Injection Exploit

!/usr/bin/perl phpFanfiction Remote SQL injection Greetz www.MainHack.com - www.ServerIsDown.org - www.sux0r.net VOP Crew Vaksin13 OoNBoy Paman R3VANBASTARD Kecemplungkalen eminem Shiro zxvf Pizzyroot iwannine Jupe Crew makasih buat ngenet gratisnya wkwkwk use HTTP::Request; use LWP::UserAgent;...

0.3AI score
Exploits0
Rows per page
Query Builder