CWE:
 

Topic
Date
Author
Low
Products.PluggableAuthService 2.6.0 Open Redirect
02.06.2021
Piyush Patil
Low
Tableau Server Open Redirection
08.04.2021
Dr. Vladimir Bostanov
Low
OpenCMS 11.0.2 Cross Site Request Forgery / Open Redirection
09.03.2021
Daniel Moreno
Low
b2evolution CMS 6.11.6 Open Redirection
11.02.2021
Nakul Ratti
Low
WordPress Age Gate 2.13.4 Open Redirect
30.11.2020
Ilca Lucian Florin
Low
Twitter Analytics Open Redirect
09.10.2020
asheesh anaconda
Low
Verint Impact 360 15.1 Open Redirect
16.07.2020
Ryan Delaney
Low
Android o2 Business 1.2.0 Open Redirect
05.07.2020
Julien Ahrens
Low
WordPress Weekender Newspaper Themes 9.0 Open Redirection
18.04.2020
KingSkrupellos
Low
WordPress Attitude Themes 1.1.1 Open Redirection
30.03.2020
KingSkrupellos
Low
WordPress Eatery Restaurant Themes 2.2 Open Redirection
30.03.2020
KingSkrupellos
Low
WordPress justnews-child Themes 1.0 Open Redirection
30.03.2020
KingSkrupellos
Low
WordPress Nashvilleparent Themes 1.10 Open Redirection
30.03.2020
KingSkrupellos
Low
WordPress Grimag Themes 1.2.5 Open Redirection
24.03.2020
KingSkrupellos
Low
WordPress Wmyx2.0 Themes 2.0 Open Redirection
24.03.2020
KingSkrupellos
Low
WordPress ProStore Themes 1.1.2 Open Redirection
24.03.2020
KingSkrupellos
Low
WordPress Eurielle Themes 0.1.0 Open Redirection
24.03.2020
KingSkrupellos
Low
WordPress Upward Themes 1.5 Open Redirection
24.03.2020
KingSkrupellos
Low
Yandex Search Engine Open Redirection
22.03.2020
KingSkrupellos
Low
WordPress WPTouch Switch Desktop 3.x Open Redirection
22.03.2020
KingSkrupellos
Low
Koha GreenStone Library 3.x Open Redirection
22.03.2020
KingSkrupellos
Med.
Daktilo News Software 1.9 Open Redirection
22.03.2020
KingSkrupellos
Med.
Revive Adserver 5.0.4 Security Bypass / Open Redirect
14.03.2020
Matteo Beccati
Med.
HomeAutomation 3.3.2 Open Redirect
31.12.2019
LiquidWorm
Low
Apache Httpd mod_rewrite Open Redirects
21.11.2019
Anonymous
Low
Optergy Proton/Enterprise BMS 2.3.0a Open Redirect
13.11.2019
LiquidWorm
Low
ParantezTeknoloji Library Software 16.0519000 Open Redirection
05.10.2019
KingSkrupellos
Low
Desarollo por Ezink Gds-Web Open Redirection Vulnerability
04.10.2019
KingSkrupellos
Low
Devinim Library Software 19.0504000 Open Redirection Vulnerability
04.10.2019
KingSkrupellos
Low
ParantezTeknoloji Library Software 16.0519000 Open Redirection Vulnerability
04.10.2019
KingSkrupellos
Low
Mediasation Wliinc26 Open Redirection
20.08.2019
KingSkrupellos
Low
Zurmo 3.2.6 Open Redirection
28.07.2019
Daniel Bishtawi
Med.
Paypal app Link Open Redirection
09.07.2019
Iran Cyber Security Gr...
Med.
Koha Library Software 18.1106000 Tracklinks Open Redirection
20.06.2019
KingSkrupellos
Low
Spring Security OAuth 2.3 Open Redirection
19.06.2019
Riemann
Med.
WordPress 5.2.1 Antena_Ri Institute Themes 2.0 Open Redirection
10.06.2019
KingSkrupellos
Low
CMSMadeSimple Software Babel Modules 1.9.4.2 Open Redirection
03.06.2019
KingSkrupellos
Low
WordPress WPAds Plugins 1.0 Open Redirection
29.05.2019
KingSkrupellos
Low
WordPress 4.8 Nya-Comment-DoFollow Plugins 1.0 Open Redirection
29.05.2019
KingSkrupellos
Low
WordPress 5.1.1 jilijilibegin Themes LTS 4.6 Open Redirection
28.05.2019
KingSkrupellos
Low
WordPress 4.9.x Jingke Themes 1.0 Open Redirection
28.05.2019
KingSkrupellos
Low
WordPress 4.9.10 Xunjin Themes 4.6 Open Redirection
28.05.2019
KingSkrupellos
Low
WordPress 4.8.9 Tigin Themes 1.0.5 Open Redirection
28.05.2019
KingSkrupellos
Low
WordPress 5.2.1 Divi-Child Themes 1.0 Open Redirection
28.05.2019
KingSkrupellos
Med.
WordPress 4.9.10 4DMayi Themes 4.6 Open Redirection
25.05.2019
KingSkrupellos
Med.
WordPress 5.2.1 DingTalk Themes LTS 4.6 Open Redirection
25.05.2019
KingSkrupellos
Med.
WordPress 4.9.8 LaneMotorSport Responsive Themes 1.8.4 Open Redirection
25.05.2019
KingSkrupellos
Med.
WordPress 4.6.14 lqcPlugin-regiePublicites Plugins 1.0 Open Redirection
25.05.2019
KingSkrupellos
Low
Irish News TheJournal Open Redirection
23.05.2019
KingSkrupellos
Med.
WordPress 4.6.12 PHPL Plugins 1.0 Open Redirection
23.05.2019
KingSkrupellos
Low
WordPress 5.2.1 Dankov Planer Themes 1.1.2 Open Redirection
23.05.2019
KingSkrupellos
Low
WordPress 4.9.10 Aliyun Themes 5.2 Open Redirection
23.05.2019
KingSkrupellos
Low
WordPress 4.4.18 Ad-Manager Plugins 1.1.2 Open Redirection
23.05.2019
KingSkrupellos
Low
WordPress 4.9.10 Chrome-Extensions Themes 1.0 Open Redirection
23.05.2019
KingSkrupellos
Med.
Xoops Wordpress Modules WP-Ktai 0.5.0 Japan Open Redirection
20.05.2019
KingSkrupellos
Med.
Revive Adserver Deserialization / Open Redirect
02.05.2019
Matteo Beccati
Low
Masch CMStudio Banners 8.6.1 Open Redirection
29.03.2019
KingSkrupellos
Low
WordPress 4.9.10 ButterKekse Plugins Open Redirection
29.03.2019
KingSkrupellos
Low
WordPress 4.9.2 WordPress-Feed-Statistics Plugins 4.1 Open Redirection
29.03.2019
KingSkrupellos
Low
WordPress 4.8 Ait-ThemesClub TemplatePreview 1.8.1 RFI Open Redirection
28.03.2019
KingSkrupellos
Low
HollandPlaza TexelseMedia AdvertisementsCounter Plugins Open Redirection
28.03.2019
KingSkrupellos
Low
Masch CMStudio Banners Modules 8.6.1 Open Redirection
28.03.2019
KingSkrupellos
Low
WordPress 4.6.1 WireFunnel Plugins Open Redirection
28.03.2019
KingSkrupellos
Med.
WordPress 5.1.1 WPBounce AND-AntiBounce Plugins 1.0.3 Open Redirection
27.03.2019
KingSkrupellos
Low
Wordpress 5.0.4 begin Themes Open Redirection
26.03.2019
L4663r666h05t
Low
AlumniMagnet Open Redirection
26.03.2019
KingSkrupellos
Low
Progetti di Impresa SRL ItalyGov Open Redirection
26.03.2019
KingSkrupellos
Low
WordPress 3.4.2 The-CL-Amazon-Thingy Plugins 1.0 Open Redirection
23.03.2019
KingSkrupellos
Med.
WordPress 5.0.4 Age-Verification Plugins 0.5 Open Redirection
21.03.2019
KingSkrupellos
Low
WordPress 5.0.4 Zangai Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.x BigChrome Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 5.0.4 2018110612035976 Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 5.1.1 Wopus Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.10 İfxPro.Cn Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.3 itiis Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.x Wngzs Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.x Concise Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.x UsaMusic-PC Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress Aibbt Themes Open Redirection
12.03.2019
KingSkrupellos
Low
WordPress Deep Themes Open Redirection
12.03.2019
KingSkrupellos
Low
WordPress 2kqq Themes Open Redirection
12.03.2019
KingSkrupellos
Low
WordPress Azzxx Themes Open Redirection
12.03.2019
KingSkrupellos
Med.
OpenCart Price Comparison Store Modules 3.x Open Redirection
11.03.2019
KingSkrupellos
Med.
VanillaForums 2.x Open Redirection
11.03.2019
KingSkrupellos
Low
Babel 0.4.1 Open Redirection
07.03.2019
Jan Kopriva
Low
MeteoTemplate 17.1 Nectarine Diary Plugins 4.0 Open Redirection
07.03.2019
KingSkrupellos
Low
MeteoTemplate 17.1 Nectarine globalSnow Plugins 1.1 Open Redirection
07.03.2019
KingSkrupellos
Low
Meteotemplate 17.1 Nectarine indoorData Plugins 4.0 Open Redirection
07.03.2019
KingSkrupellos
Low
vBulletin 4.2.5 Ajax Threads 1.1.3 Lite Open Redirection
04.03.2019
KingSkrupellos
Low
vBulletin 4.2.5 Thread Post Bookmarking 1.2.0 Open Redirection
04.03.2019
KingSkrupellos
Low
vBulletin 4.2.5 vBSuper_PM 1.2.3 Lite Open Redirection
04.03.2019
KingSkrupellos
Low
vBulletin 4.x Seo by vBSeo 3.3.2 Open Redirection
04.03.2019
KingSkrupellos
Low
vBulletin 4.2.5 Member Map 1.1.2 Lite Open Redirection
04.03.2019
KingSkrupellos
Med.
MeteoTemplate 17.1 Nectarine Deviations Plugins 2.0 Open Redirection
03.03.2019
KingSkrupellos
Low
SMF 2.0.15 SMF4Mobile 1.1.5/1.2 SMF-Media Open Redirection
02.03.2019
KingSkrupellos
Low
XenForo 1.5.x Advanced Application Forms 1.2.2 Open Redirection
02.03.2019
KingSkrupellos
Low
XenForo 1.5.x XF-Russia Open Redirection
02.03.2019
KingSkrupellos
Low
vBulletin 3.8.x vBadvanced CMPS v3.2.3 Open Redirection
01.03.2019
KingSkrupellos
Med.
vBulletin 3.8.4 Zoints SEO 2.3.2 Computer-Logic Open Redirection
01.03.2019
KingSkrupellos
Low
vBulletin 4.2.5 vBSEO 3.6.1 Open Redirection
28.02.2019
KingSkrupellos


CVEMAP Search Results

CVE
Details
Description
2021-09-08
Medium
CVE-2021-32805

Vendor: Flask-appbuilder project
Software: Flask-appbuilder
 

 
Flask-AppBuilder is an application development framework, built on top of Flask. In affected versions if using Flask-AppBuilder OAuth, an attacker can share a carefully crafted URL with a trusted domain for an application built with Flask-AppBuilder, this URL can redirect a user to a malicious site. This is an open redirect vulnerability. To resolve this issue upgrade to Flask-AppBuilder 3.2.2 or above. If upgrading is infeasible users may filter HTTP traffic containing `?next={next-site}` where the `next-site` domain is different from the application you are protecting as a workaround.

 
2021-09-07
Medium
CVE-2021-39501

Vendor: Eyoucms
Software: Eyoucms
 

 
EyouCMS 1.5.4 is vulnerable to Open Redirect. An attacker can redirect a user to a malicious url via the Logout function.

 
Medium
CVE-2021-38123

Vendor: Microfocus
Software: Network auto...
 

 
Open Redirect vulnerability in Micro Focus Network Automation, affecting Network Automation versions 10.4x, 10.5x, 2018.05, 2018.11, 2019.05, 2020.02, 2020.08, 2020.11, 2021.05. The vulnerability could allow redirect users to malicious websites after authentication.

 
2021-09-06
Medium
CVE-2021-25737

Vendor: Kubernetes
Software: Kubernetes
 

 
A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.

 
2021-09-03
Medium
CVE-2021-39191

Vendor: Zmartzone
Software: Mod auth openidc
 

 
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9.4, the 3rd-party init SSO functionality of mod_auth_openidc was reported to be vulnerable to an open redirect attack by supplying a crafted URL in the `target_link_uri` parameter. A patch in version 2.4.9.4 made it so that the `OIDCRedirectURLsAllowed` setting must be applied to the `target_link_uri` parameter. There are no known workarounds aside from upgrading to a patched version.

 
2021-08-30
Medium
CVE-2021-38343

Vendor: Nested pages project
Software: Nested pages
 

 
The Nested Pages WordPress plugin <= 3.1.15 was vulnerable to an Open Redirect via the `page` POST parameter in the `npBulkActions`, `npBulkEdit`, `npListingSort`, and `npCategoryFilter` `admin_post` actions.

 
2021-08-25
Medium
CVE-2021-39112

Vendor: Atlassian
Software: Data center
 

 
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to redirect users to a malicious URL via a reverse tabnapping vulnerability in the Project Shortcuts feature. The affected versions are before version 8.5.15, from version 8.6.0 before 8.13.7, from version 8.14.0 before 8.17.1, and from version 8.18.0 before 8.18.1.

 
2021-08-11
Medium
CVE-2021-22098

Vendor: Cloudfoundry
Software: Cf-deployment
 

 

 
2021-08-10
Medium
CVE-2021-33707

Vendor: SAP
Software: Netweaver kn...
 

 
SAP NetWeaver Knowledge Management allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via a URL stored in a component. This could enable the attacker to compromise the user's confidentiality and integrity.

 
2021-08-03
Medium
CVE-2021-33331

Vendor: Liferay
Software: DXP
 

 
Open redirect vulnerability in the Notifications module in Liferay Portal 7.0.0 through 7.3.1, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19 and 7.2 before fix pack 8, allows remote attackers to redirect users to arbitrary external URLs via the 'redirect' parameter.

 

 


Copyright 2021, cxsecurity.com

 

Back to Top