CWE:
 

| Risk | Topic | Date | Author |
|---|---|---|---|
| Med. | WordPress WP-JS-External-Link-Info Plugins 2.2.0 Open Redirection | 18.02.2019 | KingSkrupellos |
| Low | GetSimpleCMS 3.3.13 Open Redirect | 15.02.2019 | Mithat Gogebakan |
| Low | OpenText Documentum Webtop 5.3 SP2 Open Redirect | 11.02.2019 | Rafael Pedrero |
| Low | glimpse.bukalapak.com Open Redirect | 03.02.2019 | abay |
| Med. | WordPress 2013 TwentyThirteen Themes 5.0.3 Open Redirection | 16.01.2019 | KingSkrupellos |
| Low | ModX Open Source CMS Babel Modules 3.0.0 Open Redirect | 15.01.2019 | KingSkrupellos |
| Med. | Joomla Simple RSS Feed Reader mod_jw_srfr 3.6.0 Modules Open Redirect | 15.01.2019 | KingSkrupellos |
| Low | OrangeForum 1.4.0 Open Redirection | 10.01.2019 | Omar Kurt |
| Low | WordPress BlackHawk Themes Open Redirection Vulnerability | 26.11.2018 | KingSkrupellos |
| Med. | WordPress Begin Themes Start-up Business ThemeForest Open Redirection Vulnerability | 04.11.2018 | KingSkrupellos |
| Low | Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Open Redirect | 17.07.2018 | LiquidWorm |
| Low | Developed By the DokaGroup Laboratory 2008-2011 Belarus Open Redirection Vulnerability | 29.06.2018 | KingSkrupellos |
| Low | Provided By Green4Solutions EcommZone Open Redirection Vulnerability | 21.06.2018 | KingSkrupellos |
| Low | Technical Support A2i-PMO Bangladesh e-Government Open Redirection Vulnerability | 10.06.2018 | KingSkrupellos |
| Med. | WolfCMS 0.8.3.1 Open Redirect | 10.04.2018 | Sureshbabu Narvaneni |
| Low | Tuleap Open Redirect | 08.03.2018 | Anonymous |
| Low | F-Secure Radar Open Redirect | 17.02.2018 | Oscar Hjelm |
| Low | Oracle E-Business Suite 12.1.3 / 12.2.x Open Redirect | 16.01.2018 | author |
| Low | WordPress MQ ReLinks 1.8 XSS / Open Redirection | 11.01.2018 | Ricardo Sanchez |
| Low | WordPress Feed-Statistics 4.1 Open Redirect | 22.12.2017 | Mostafa Gharzi |
| Low | OpenText Documentum Administrator / Webtop Open Redirection | 27.09.2017 | Jakub Palaczynski |
| Med. | Progress Sitefinity 9.1 XSS / Session Management / Open Redirect | 23.08.2017 | SEC Consult |
| Med. | Ubiquiti Networks Open Redirect | 25.07.2017 | T.Weber |
| Low | DoorGets CMS 7.0 Open Redirect | 04.07.2017 | Rudra Sarkar |
| Med. | Drupal Public Download Count Module - Open Redirect | 08.06.2017 | Snooper |
| Med. | CMS Made Simple Babel Module 0.3.3 Open Redirect / Content Forgery | 03.05.2017 | MLT |
| Low | Amazon Simple Storage Service (S3) - Open Redirect Vulnerability | 29.03.2017 | Zero Security Group |
| Low | Instagram - Open Redirect Vulnerability | 08.02.2017 | S3Ni0R.M0T3Z4D |
| Low | LogicBoard CMS 3.0 / 4.0 / 4.1 Open Redirect | 02.02.2017 | n0ipr0cs |
| Med. | MailStore 10.0.1 Cross Site Scripting / Open Redirect | 02.02.2017 | Tobias Glemser |
| Low | Sarzamin Download - Open Redirect Vulnerability | 20.01.2017 | Blackwolf_Iran |
| Low | D-Link DIR-615 Open Redirection / Cross Site Scripting | 14.01.2017 | Osanda Malith Jayathis... |
| Low | Peplink NGxxx/LCxxx VPN-Firewall Open Redirect | 30.11.2016 | Gjoko 'LiquidWorm' Krs... |
| Med. | Lepton 2.2.2 Stable CSRF / Open Redirect / Password Handling | 19.11.2016 | Tim Coen |
| Med. | Jaws 1.1.1 Open Redirect / Object Injection / Cookie Flags | 19.11.2016 | Tim Coen |
| Low | Verint Impact 360 11.1 Open Redirect | 11.11.2016 | Sanehdeep Singh |
| Low | Puppet Enterprise Web Interface Open Redirect | 23.10.2016 | hyp3rlinx |
| Med. | Nagios XI 5.2.9 Cross Site Scripting / Open Redirect | 21.10.2016 | hyp3rlinx |
| Med. | Plone CMS 4.3.11 / 5.0.6 XSS / Traversal / Open Redirection | 13.10.2016 | S3ba |
| Low | Facebook API v2.1 - RFC6749 Open Redirect Vulnerability | 11.10.2016 | Vulnerability Lab |
| Low | u5 CMS 5.1.4 Open Redirect | 27.09.2016 | indoushka |
| Low | Coupon CMS 5.00 Open Redirect | 20.09.2016 | indoushka |
| Low | ECShop 2.7.2 Open Redirect | 20.09.2016 | indoushka |
| Med. | ASUS RT-N10 Multiple Vulnerabilities | 15.09.2016 | MustLive |
| Low | Symantec Endpoint Protection 12.1 CSRF / XSS / Open Redirect | 30.06.2016 | hyp3rlinx |
| Low | JobScript Open Redirection Vulnerability | 23.05.2016 | Bikramaditya Guha aka ... |
| Low | Oracle Discoverer Viewer BI Open Redirect | 28.04.2016 | Vulnerability Lab |
| Low | Fireware XTM Web UI Open Redirect | 31.03.2016 | Manuel Mancera |
| Low | Fortinet FortiOS Open Redirect / Cross Site Scripting | 22.03.2016 | Javier Nieto |
| Low | perfact::mpa Open Redirect | 02.03.2016 | Matthias Deeg and Sven... |
| Low | Adobe Cross Site Scripting / Open Redirect | 19.02.2016 | Vulnerability Lab |
| Low | Prezi Cross Site Scripting / Open Redirect | 19.02.2016 | Vulnerability Lab |
| Med. | WordPress 4.4.2 SSRF and open redirect vulnerability | 09.02.2016 | Multiple |
| Low | Wordpress clikstats plugin Open Redirect | 08.02.2016 | Ashiyane Digital Secur... |
| Low | Wordpress Newsletter Pro Plugin Open Redirect | 08.02.2016 | Ashiyane Digital Secur... |
| Low | Revive Adserver 3.2.2 Open Redirect | 26.01.2016 | Ashiyane Digital Secur... |
| Low | Church Edit Open Redirect | 24.01.2016 | Ashiyane Digital Secur... |
| Low | WordPress Extredj Open Redirection | 20.01.2016 | KnocKout |
| Low | WordPress No External Links 2.6.3 / 2.7.1 Open Redirect | 14.01.2016 | Ashiyane Digital Secur... |
| Low | WordPress JS External Link Info 1.21 Open Redirect | 12.01.2016 | Ashiyane Digital Secur... |
| Low | PhpSocial 2.0.0304_20222226 Cross Site Scripting / Open Redirect | 26.12.2015 | Tim Coen |
| Med. | CouchCMS 1.4.5 Cross Site Scripting / Open Redirect | 25.12.2015 | Tim Coen |
| Med. | Tweet Nest 0.8 Open Redirect | 18.12.2015 | indoushka |
| Low | Wordpress Begin Themes Open Redirect Vulnerability | 17.12.2015 | FullSecurity |
| Low | PageFlex CMS 1.1.2 Open Redirect | 09.12.2015 | indoushka |
| Med. | ASUS RT-N15U Code Execution / XSS / Open Redirect | 04.12.2015 | MustLive |
| Low | Banner Student XSS / Information Disclosure / Open Redirect | 04.12.2015 | RiskSense |
| Low | Elefant CMS Open Redirect | 10.11.2015 | Ashiyane Digital Secur... |
| Med. | actiTIME 2015.2 Multiple Vulnerabilities | 01.11.2015 | Gjoko 'LiquidWorm' Krs... |
| Low | Google Open Redirect | 16.10.2015 | Vicente Aguilera Diaz, |
| Low | Kentico CMS 8.2 Cross Site Scripting / Open Redirect | 16.10.2015 | KINGSABRI |
| Low | PayPal URL Redirect Web Vulnerability | 12.10.2015 | Vulnerability Lab |
| Low | Anchor CMS 0.9.2 Cross Site Scripting / Open Redirect | 18.09.2015 | Tim Coen |
| Low | Phorum 5.2.19 Cross Site Scripting / Open Redirect | 19.08.2015 | Tim Coen |
| Low | OpenX - Revive Oped Redirect Vulnerability | 15.08.2015 | R3NW4 |
| Low | Frog CMS 0.9.5 Open Redirect | 11.08.2015 | Arash Khazaei |
| Low | GetSimple CMS 3.3.5 Open Redirect | 11.08.2015 | Arash Khazaei |
| Med. | WolfCMS Open Redirect Vulnerability | 10.08.2015 | Arash Khazaei |
| Low | WordPress Music Store 1.0.14 Open Redirect | 28.07.2015 | Nitin Venkatesh |
| Low | Seditio CMS 1.7.1 Open Redirect | 28.07.2015 | Arash Khazaei |
| Low | Oracle E-Business Suite Open Redirection | 18.07.2015 | Owais Mohammad Khan |
| Low | Kaseya Virtual System Administrator File Download / Open Redirect | 15.07.2015 | Pedro Ribeiro |
| Med. | Bonita BPM 6.5.1 Directory Traversal / Open Redirect | 10.06.2015 | High-Tech Bridge Secur... |
| Low | SilverStripe CMS 3.1.13 XSS / Open Redirect | 10.06.2015 | John Page |
| Low | Vevocart 6.1.0 Open Redirect | 31.05.2015 | provensec |
| Low | SolarWinds Network Performance Monitor Open Redirect | 23.05.2015 | Provensec |
| Low | phpBB 3.0.13 Open Redirect under chrome | 12.05.2015 | bantu |
| Low | Opoint Media Intelligence Open Redirect | 17.04.2015 | Wang Jing |
| Low | Qlik Open Redirect | 08.04.2015 | provensec |
| Med. | Ericsson Drutt MSDP (3PI Manager) Open Redirect | 01.04.2015 | Anastasios Monachos (s... |
| Low | Innovative WebPAC Pro 2.0 Open Redirect | 17.03.2015 | Wang Jing |
| Low | WordPress Newsletter 2.6.x / 2.5.x Open Redirect | 05.03.2015 | Wang Jing |
| Low | u5CMS 3.9.3 Multiple Open Redirect Vulnerabilities | 10.02.2015 | Gjoko 'LiquidWorm' Krs... |
| Med. | Mantis BugTracker 1.2.19 Open Redirect | 29.01.2015 | Alejo Popovici |
| Med. | Alibaba Cross Site Scripting / Open Redirect | 23.01.2015 | Wang Jing |
| Low | Tapatalk Open Redirect | 20.01.2015 | nhoya |
| Low | WoltLab Burning Board 4.0 Tapatalk Open Redirect | 14.01.2015 | RedTeam |
| Low | AdaptCMS 3.0.3 HTTP Referer Header Field Open Redirect Vulnerability | 06.01.2015 | Gjoko 'LiquidWorm' Krs... |
| Med. | CNN Cross Site Scripting / Open Redirect | 30.12.2014 | Wang Jing |
| Med. | MantisBT 1.2.17 URL redirection issue | 14.12.2014 | P Richards |


CVEMAP Search Results

CVE
Details
Description
2019-02-15
Low
CVE-2019-8345

Vendor: Estrongs
Software: Es file expl...
 

 
The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows session hijacking by a Man-in-the-middle attacker on the local network because HTTPS is not used, and an attacker's web site is displayed in a WebView with no information about the URL.

 
2019-02-13
Medium
CVE-2019-5915

Open redirect vulnerability in OpenAM (Open Source Edition) 13.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page.

 
2019-01-30
Medium
CVE-2019-3912

An open redirect vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 via the /__r1/ returnURL parameter allows an unauthenticated remote attacker to redirect users to arbitrary web sites.

 
2019-01-24
Medium
CVE-2019-6780

The Wise Chat plugin before 2.7 for WordPress mishandles external links because rendering/filters/post/WiseChatLinksPostFilter.php omits noopener and noreferrer.

 
2019-01-09
Medium
CVE-2018-16191

Open redirect vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE 3.0.1, EC-CUBE 3.0.2, EC-CUBE 3.0.3, EC-CUBE 3.0.4, EC-CUBE 3.0.5, EC-CUBE 3.0.6, EC-CUBE 3.0.7, EC-CUBE 3.0.8, EC-CUBE 3.0.9, EC-CUBE 3.0.10, EC-CUBE 3.0.11, EC-CUBE 3.0.12, EC-CUBE 3.0.12-p1, EC-CUBE 3.0.13, EC-CUBE 3.0.14, EC-CUBE 3.0.15, EC-CUBE 3.0.16) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

 
Medium
CVE-2018-16174

Open redirect vulnerability in LearnPress prior to version 3.1.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

 
Medium
CVE-2018-0688

Open redirect vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, EP-30VA firmware versions released prior to 2017 June 19, EP-707A firmware versions released prior to 2017 August 1, EP-708A firmware versions released prior to 2017 August 7, EP-709A firmware versions released prior to 2017 June 12, EP-777A firmware versions released prior to 2017 August 1, EP-807AB/AW/AR firmware versions released prior to 2017 August 1, EP-808AB/AW/AR firmware versions released prior to 2017 August 7, EP-879AB/AW/AR firmware versions released prior to 2017 June 12, EP-907F firmware versions released prior to 2017 August 1, EP-977A3 firmware versions released prior to 2017 August 1, EP-978A3 firmware versions released prior to 2017 August 7, EP-979A3 firmware versions released prior to 2017 June 12, EP-M570T firmware versions released prior to 2017 September 6, EW-M5071FT firmware versions released prior to 2017 November 2, EW-M660FT firmware versions released prior to 2018 April 19, EW-M770T firmware versions released prior to 2017 September 6, PF-70 firmware versions released prior to 2018 April 20, PF-71 firmware versions released prior to 2017 July 18, PF-81 firmware versions released prior to 2017 September 14, PX-048A firmware versions released prior to 2017 July 4, PX-049A firmware versions released prior to 2017 September 11, PX-437A firmware versions released prior to 2017 July 24, PX-M350F firmware versions released prior to 2018 February 23, PX-M5040F firmware versions released prior to 2017 November 20, PX-M5041F firmware versions released prior to 2017 November 20, PX-M650A firmware versions released prior to 2017 October 17, PX-M650F firmware versions released prior to 2017 October 17, PX-M680F firmware versions released prior to 2017 June 29, PX-M7050F firmware versions released prior to 
2017 October 13, PX-M7050FP firmware versions released prior to 2017 October 13, PX-M7050FX firmware versions released prior to 2017 November 7, PX-M7070FX firmware versions released prior to 2017 April 27, PX-M740F firmware versions released prior to 2017 December 4, PX-M741F firmware versions released prior to 2017 December 4, PX-M780F firmware versions released prior to 2017 June 29, PX-M781F firmware versions released prior to 2017 June 27, PX-M840F firmware versions released prior to 2017 November 16, PX-M840FX firmware versions released prior to 2017 December 8, PX-M860F firmware versions released prior to 2017 October 25, PX-S05B/W firmware versions released prior to 2018 March 9, PX-S350 firmware versions released prior to 2018 February 23, PX-S5040 firmware versions released prior to 2017 November 20, PX-S7050 firmware versions released prior to 2018 February 21, PX-S7050PS firmware versions released prior to 2018 February 21, PX-S7050X firmware versions released prior to 2017 November 7, PX-S7070X firmware versions released prior to 2017 April 27, PX-S740 firmware versions released prior to 2017 December 3, PX-S840 firmware versions released prior to 2017 November 16, PX-S840X firmware versions released prior to 2017 December 8, PX-S860 firmware versions released prior to 2017 December 7) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the web interface of the affected product.

 
2018-12-19
Medium
CVE-2018-15798

Pivotal Concourse Release, versions 4.x prior to 4.2.2, login flow allows redirects to untrusted websites. A remote unauthenticated attacker could convince a user to click on a link using the oAuth redirect link with an untrusted website and gain access to that user's access token in Concourse.

 
2018-12-18
Medium
CVE-2018-19790

Vendor: Sensiolabs
Software: Symfony
 

 
An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the redirection target restrictions and effectively redirect the user to any domain after login.

 
2018-12-17
Medium
CVE-2018-7804

Vendor: Schneider-electric
Software: Modicom bmxn...
 

 
A URL Redirection to Untrusted Site vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where a user clicking on a specially crafted link can be redirected to a URL of the attacker's choosing.

 

 


Copyright 2019, cxsecurity.com

 
