CVE-2010-3863 PoC — Apache Shiro路径遍历漏洞

Source

https://github.com/sh1inroot-alt/shiro-cve-2010-3863

Associated Vulnerability

Title:Apache Shiro路径遍历漏洞 (CVE-2010-3863)
Description:Apache Shiro/Jsecurity都是强大、灵活的Java开源安全框架。 Apache Shiro 1.1.0版本，以及Jsecurity 0.9.x在执行路径匹配之前没有规范URI路径。远程攻击者可以借助特制请求绕过预设的访问限制。

Description

shiro 路径穿越

File Snapshot


 [4.0K]  /data/pocs/4b38a01efa61abeb17dbaec9e849c3b44f270dc0
├── [135K]  1.png
├── [142K]  2.png
├── [209K]  3.png
├── [ 349]  poc.yml
└── [ 242]  readme.md

1 directory, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!