4 matches found
UBUNTU-CVE-2026-48589
Apache Shiro’s Jakarta EE module used the HTTP Referer header in certain cases to issue redirect after a user login. In affected versions, insufficient validation of this client-controlled value could allow an attacker to influence the redirect target in applications using the Jakarta EE module...
EUVD-2026-31738
Apache Shiro’s Jakarta EE module used the HTTP Referer header in certain cases to issue redirect after a user login. In affected versions, insufficient validation of this client-controlled value could allow an attacker to influence the redirect target in applications using the Jakarta EE module...
WWWboard password disclosure
//A vulnerability found in WWWboard that shows the administrative user names and passwords. Althought the password is hashed, It can easily be decoded. //Effected versions: Version 2.0 ALPHA 2 //File name: passwd.txt //File location: http://victim/wwwboard/passwd.txt //Google dork:...
Invision Power Board (IP.Board) < 2.0 Alpha 3 - SQL Injection (PoC)
IP.Board SQL Injection Vendor: Invision Power Services Product: IP.Board Version: 0 OR pinned=1 ORDER BY pinned DESC, ProblemIsHere DESC LIMIT 0,15 mySQL e...