CWE:
 

| Risk | Topic | Date | Author |
|------|-------|------|--------|
| Low | Provided By Green4Solutions EcommZone Open Redirection Vulnerability | 21.06.2018 | KingSkrupellos |
| Low | Technical Support A2i-PMO Bangladesh e-Government Open Redirection Vulnerability | 10.06.2018 | KingSkrupellos |
| Med. | WolfCMS 0.8.3.1 Open Redirect | 10.04.2018 | Sureshbabu Narvaneni |
| Low | Tuleap Open Redirect | 08.03.2018 | Anonymous |
| Low | F-Secure Radar Open Redirect | 17.02.2018 | Oscar Hjelm |
| Low | Oracle E-Business Suite 12.1.3 / 12.2.x Open Redirect | 16.01.2018 | author |
| Low | WordPress MQ ReLinks 1.8 XSS / Open Redirection | 11.01.2018 | Ricardo Sanchez |
| Low | WordPress Feed-Statistics 4.1 Open Redirect | 22.12.2017 | Mostafa Gharzi |
| Low | OpenText Documentum Administrator / Webtop Open Redirection | 27.09.2017 | Jakub Palaczynski |
| Med. | Progress Sitefinity 9.1 XSS / Session Management / Open Redirect | 23.08.2017 | SEC Consult |
| Med. | Ubiquiti Networks Open Redirect | 25.07.2017 | T.Weber |
| Low | DoorGets CMS 7.0 Open Redirect | 04.07.2017 | Rudra Sarkar |
| Med. | Drupal Public Download Count Module - Open Redirect | 08.06.2017 | Snooper |
| Med. | CMS Made Simple Babel Module 0.3.3 Open Redirect / Content Forgery | 03.05.2017 | MLT |
| Low | Amazon Simple Storage Service (S3) - Open Redirect Vulnerability | 29.03.2017 | Zero Security Group |
| Low | Instagram - Open Redirect Vulnerability | 08.02.2017 | S3Ni0R.M0T3Z4D |
| Low | LogicBoard CMS 3.0 / 4.0 / 4.1 Open Redirect | 02.02.2017 | n0ipr0cs |
| Med. | MailStore 10.0.1 Cross Site Scripting / Open Redirect | 02.02.2017 | Tobias Glemser |
| Low | Sarzamin Download - Open Redirect Vulnerability | 20.01.2017 | Blackwolf_Iran |
| Low | D-Link DIR-615 Open Redirection / Cross Site Scripting | 14.01.2017 | Osanda Malith Jayathis... |
| Low | Peplink NGxxx/LCxxx VPN-Firewall Open Redirect | 30.11.2016 | Gjoko 'LiquidWorm' Krs... |
| Med. | Lepton 2.2.2 Stable CSRF / Open Redirect / Password Handling | 19.11.2016 | Tim Coen |
| Med. | Jaws 1.1.1 Open Redirect / Object Injection / Cookie Flags | 19.11.2016 | Tim Coen |
| Low | Verint Impact 360 11.1 Open Redirect | 11.11.2016 | Sanehdeep Singh |
| Low | Puppet Enterprise Web Interface Open Redirect | 23.10.2016 | hyp3rlinx |
| Med. | Nagios XI 5.2.9 Cross Site Scripting / Open Redirect | 21.10.2016 | hyp3rlinx |
| Med. | Plone CMS 4.3.11 / 5.0.6 XSS / Traversal / Open Redirection | 13.10.2016 | S3ba |
| Low | Facebook API v2.1 - RFC6749 Open Redirect Vulnerability | 11.10.2016 | Vulnerability Lab |
| Low | u5 CMS 5.1.4 Open Redirect | 27.09.2016 | indoushka |
| Low | Coupon CMS 5.00 Open Redirect | 20.09.2016 | indoushka |
| Low | ECShop 2.7.2 Open Redirect | 20.09.2016 | indoushka |
| Med. | ASUS RT-N10 Multiple Vulnerabilities | 15.09.2016 | MustLive |
| Low | Symantec Endpoint Protection 12.1 CSRF / XSS / Open Redirect | 30.06.2016 | hyp3rlinx |
| Low | JobScript Open Redirection Vulnerability | 23.05.2016 | Bikramaditya Guha aka ... |
| Low | Oracle Discoverer Viewer BI Open Redirect | 28.04.2016 | Vulnerability Lab |
| Low | Fireware XTM Web UI Open Redirect | 31.03.2016 | Manuel Mancera |
| Low | Fortinet FortiOS Open Redirect / Cross Site Scripting | 22.03.2016 | Javier Nieto |
| Low | perfact::mpa Open Redirect | 02.03.2016 | Matthias Deeg and Sven... |
| Low | Adobe Cross Site Scripting / Open Redirect | 19.02.2016 | Vulnerability Lab |
| Low | Prezi Cross Site Scripting / Open Redirect | 19.02.2016 | Vulnerability Lab |
| Med. | WordPress 4.4.2 SSRF and open redirect vulnerability | 09.02.2016 | Multiple |
| Low | Wordpress clikstats plugin Open Redirect | 08.02.2016 | Ashiyane Digital Secur... |
| Low | Wordpress Newsletter Pro Plugin Open Redirect | 08.02.2016 | Ashiyane Digital Secur... |
| Low | Revive Adserver 3.2.2 Open Redirect | 26.01.2016 | Ashiyane Digital Secur... |
| Low | Church Edit Open Redirect | 24.01.2016 | Ashiyane Digital Secur... |
| Low | WordPress Extredj Open Redirection | 20.01.2016 | KnocKout |
| Low | WordPress No External Links 2.6.3 / 2.7.1 Open Redirect | 14.01.2016 | Ashiyane Digital Secur... |
| Low | WordPress JS External Link Info 1.21 Open Redirect | 12.01.2016 | Ashiyane Digital Secur... |
| Low | PhpSocial 2.0.0304_20222226 Cross Site Scripting / Open Redirect | 26.12.2015 | Tim Coen |
| Med. | CouchCMS 1.4.5 Cross Site Scripting / Open Redirect | 25.12.2015 | Tim Coen |
| Med. | Tweet Nest 0.8 Open Redirect | 18.12.2015 | indoushka |
| Low | Wordpress Begin Themes Open Redirect Vulnerability | 17.12.2015 | FullSecurity |
| Low | PageFlex CMS 1.1.2 Open Redirect | 09.12.2015 | indoushka |
| Med. | ASUS RT-N15U Code Execution / XSS / Open Redirect | 04.12.2015 | MustLive |
| Low | Banner Student XSS / Information Disclosure / Open Redirect | 04.12.2015 | RiskSense |
| Low | Elefant CMS Open Redirect | 10.11.2015 | Ashiyane Digital Secur... |
| Med. | actiTIME 2015.2 Multiple Vulnerabilities | 01.11.2015 | Gjoko 'LiquidWorm' Krs... |
| Low | Google Open Redirect | 16.10.2015 | Vicente Aguilera Diaz, |
| Low | Kentico CMS 8.2 Cross Site Scripting / Open Redirect | 16.10.2015 | KINGSABRI |
| Low | PayPal URL Redirect Web Vulnerability | 12.10.2015 | Vulnerability Lab |
| Low | Anchor CMS 0.9.2 Cross Site Scripting / Open Redirect | 18.09.2015 | Tim Coen |
| Low | Phorum 5.2.19 Cross Site Scripting / Open Redirect | 19.08.2015 | Tim Coen |
| Low | OpenX - Revive Oped Redirect Vulnerability | 15.08.2015 | R3NW4 |
| Low | Frog CMS 0.9.5 Open Redirect | 11.08.2015 | Arash Khazaei |
| Low | GetSimple CMS 3.3.5 Open Redirect | 11.08.2015 | Arash Khazaei |
| Med. | WolfCMS Open Redirect Vulnerability | 10.08.2015 | Arash Khazaei |
| Low | WordPress Music Store 1.0.14 Open Redirect | 28.07.2015 | Nitin Venkatesh |
| Low | Seditio CMS 1.7.1 Open Redirect | 28.07.2015 | Arash Khazaei |
| Low | Oracle E-Business Suite Open Redirection | 18.07.2015 | Owais Mohammad Khan |
| Low | Kaseya Virtual System Administrator File Download / Open Redirect | 15.07.2015 | Pedro Ribeiro |
| Med. | Bonita BPM 6.5.1 Directory Traversal / Open Redirect | 10.06.2015 | High-Tech Bridge Secur... |
| Low | SilverStripe CMS 3.1.13 XSS / Open Redirect | 10.06.2015 | John Page |
| Low | Vevocart 6.1.0 Open Redirect | 31.05.2015 | provensec |
| Low | SolarWinds Network Performance Monitor Open Redirect | 23.05.2015 | Provensec |
| Low | phpBB 3.0.13 Open Redirect under chrome | 12.05.2015 | bantu |
| Low | Opoint Media Intelligence Open Redirect | 17.04.2015 | Wang Jing |
| Low | Qlik Open Redirect | 08.04.2015 | provensec |
| Med. | Ericsson Drutt MSDP (3PI Manager) Open Redirect | 01.04.2015 | Anastasios Monachos (s... |
| Low | Innovative WebPAC Pro 2.0 Open Redirect | 17.03.2015 | Wang Jing |
| Low | WordPress Newsletter 2.6.x / 2.5.x Open Redirect | 05.03.2015 | Wang Jing |
| Low | u5CMS 3.9.3 Multiple Open Redirect Vulnerabilities | 10.02.2015 | Gjoko 'LiquidWorm' Krs... |
| Med. | Mantis BugTracker 1.2.19 Open Redirect | 29.01.2015 | Alejo Popovici |
| Med. | Alibaba Cross Site Scripting / Open Redirect | 23.01.2015 | Wang Jing |
| Low | Tapatalk Open Redirect | 20.01.2015 | nhoya |
| Low | WoltLab Burning Board 4.0 Tapatalk Open Redirect | 14.01.2015 | RedTeam |
| Low | AdaptCMS 3.0.3 HTTP Referer Header Field Open Redirect Vulnerability | 06.01.2015 | Gjoko 'LiquidWorm' Krs... |
| Med. | CNN Cross Site Scripting / Open Redirect | 30.12.2014 | Wang Jing |
| Med. | MantisBT 1.2.17 URL redirection issue | 14.12.2014 | P Richards |
| Low | WordPress Ad-Manager 1.1.2 Open Redirect | 01.12.2014 | Wang Jing |
| Low | Booking.com Open Redirect | 22.11.2014 | Sergio Giucastro |
| Med. | Zenario CMS 7.0.2d Cross Site Scripting / Open Redirect | 21.11.2014 | Gjoko 'LiquidWorm' Krs... |
| Med. | Snowfox CMS 1.0 Open Redirect | 19.11.2014 | Gjoko 'LiquidWorm' Krs... |
| Low | Google DoubleClick Open Redirect | 15.11.2014 | Wang Jing |
| Low | Eleanor CMS Open Redirect | 13.11.2014 | Renzi |
| Low | vBulletin 4.2.1 Open Redirect | 05.11.2014 | Renzi |
| Low | Newtelligence dasBlog 2.3 Open Redirect | 21.10.2014 | Wang Jing |
| Med. | Newtelligence dasBlog Open Redirect Vulnerability | 20.10.2014 | Wang Jing |
| Low | OpenX 2.8.10 Open Redirect | 17.10.2014 | Wang Jing |
| Med. | Pagekit 0.8.7 Cross Site Scripting / Open Redirect | 14.10.2014 | Mahendra |
| Low | Samsung.com Open Redirect | 14.10.2014 | Claudio Viviani |


CVEMAP Search Results

| CVE | Details | Description |
|-----|---------|-------------|
| 2018-05-17, Medium, CVE-2018-11119 | Vendor: Ilias; Software: Ilias | ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 redirects a logged-in user to a third-party site via the return_to_url parameter. |
| 2018-05-13, Medium, CVE-2018-10678 | Vendor: MYBB; Software: MYBB | MyBB 1.8.15, when accessed with Microsoft Edge, mishandles 'target="_blank" rel="noopener"' in A elements, which makes it easier for remote attackers to conduct redirection attacks. |
| 2018-05-11, Low, CVE-2018-5304 | | An issue was discovered on the Impinj Speedway Connect R420 RFID Reader before 2.2.2. The affected web interface is vulnerable to ClickJacking or UI Redressing: it is possible to access the web application in an iframe, and clicking on the iframe will redirect to a third-party application or perform other malicious actions. |
| 2018-05-08, Medium, CVE-2018-1000174 | Vendor: Jenkins; Software: Google login | An open redirect vulnerability exists in Jenkins Google Login Plugin 1.3 and older in GoogleOAuth2SecurityRealm.java that allows attackers to redirect users to an arbitrary URL after successful login. |
| Medium, CVE-2018-1248 | Vendor: RSA; Software: Authenticati... | RSA Authentication Manager Security Console, Operation Console and Self-Service Console, version 8.3 and earlier, is affected by a Host header injection vulnerability. This could allow a remote attacker to potentially poison HTTP cache and subsequently redirect users to arbitrary web domains. |
| 2018-04-30, Medium, CVE-2017-18262 | Vendor: Blackboard; Software: Blackboard learn | Blackboard Learn (Since at least 17th of October 2017) has allowed Unvalidated Redirects on any signed-in user through its endpoints for handling Shibboleth logins, as demonstrated by a webapps/bb-auth-provider-shibboleth-BBLEARN/execute/shibbolethLogin?returnUrl= URI. |
| 2018-04-16, Medium, CVE-2018-10100 | Vendor: Wordpress; Software: Wordpress | Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS. |
| Medium, CVE-2018-10101 | Vendor: Wordpress; Software: Wordpress | Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server. |
| 2018-04-13, Medium, CVE-2017-0364 | Vendor: Mediawiki; Software: Mediawiki | Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where Special:Search allows redirects to any interwiki link. |
| Medium, CVE-2017-0363 | Vendor: Mediawiki; Software: Mediawiki | Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 has a flaw where Special:UserLogin?returnto=interwiki:foo will redirect to external sites. |
 

 


Copyright 2018, cxsecurity.com

 
