CWE:
 

Topic
Date
Author
Med.
WordPress 4.9.8 LaneMotorSport Responsive Themes 1.8.4 Open Redirection
25.05.2019
KingSkrupellos
Med.
WordPress 4.6.14 lqcPlugin-regiePublicites Plugins 1.0 Open Redirection
25.05.2019
KingSkrupellos
Low
Irish News TheJournal Open Redirection
23.05.2019
KingSkrupellos
Med.
WordPress 4.6.12 PHPL Plugins 1.0 Open Redirection
23.05.2019
KingSkrupellos
Low
WordPress 5.2.1 Dankov Planer Themes 1.1.2 Open Redirection
23.05.2019
KingSkrupellos
Low
WordPress 4.9.10 Aliyun Themes 5.2 Open Redirection
23.05.2019
KingSkrupellos
Low
WordPress 4.4.18 Ad-Manager Plugins 1.1.2 Open Redirection
23.05.2019
KingSkrupellos
Low
WordPress 4.9.10 Chrome-Extensions Themes 1.0 Open Redirection
23.05.2019
KingSkrupellos
Med.
Xoops Wordpress Modules WP-Ktai 0.5.0 Japan Open Redirection
20.05.2019
KingSkrupellos
Med.
Revive Adserver Deserialization / Open Redirect
02.05.2019
Matteo Beccati
Low
Masch CMStudio Banners 8.6.1 Open Redirection
29.03.2019
KingSkrupellos
Low
WordPress 4.9.10 ButterKekse Plugins Open Redirection
29.03.2019
KingSkrupellos
Low
WordPress 4.9.2 WordPress-Feed-Statistics Plugins 4.1 Open Redirection
29.03.2019
KingSkrupellos
Low
WordPress 4.8 Ait-ThemesClub TemplatePreview 1.8.1 RFI Open Redirection
28.03.2019
KingSkrupellos
Low
HollandPlaza TexelseMedia AdvertisementsCounter Plugins Open Redirection
28.03.2019
KingSkrupellos
Low
Masch CMStudio Banners Modules 8.6.1 Open Redirection
28.03.2019
KingSkrupellos
Low
WordPress 4.6.1 WireFunnel Plugins Open Redirection
28.03.2019
KingSkrupellos
Med.
WordPress 5.1.1 WPBounce AND-AntiBounce Plugins 1.0.3 Open Redirection
27.03.2019
KingSkrupellos
Low
Wordpress 5.0.4 begin Themes Open Redirection
26.03.2019
L4663r666h05t
Low
AlumniMagnet Open Redirection
26.03.2019
KingSkrupellos
Low
Progetti di Impresa SRL ItalyGov Open Redirection
26.03.2019
KingSkrupellos
Low
WordPress 3.4.2 The-CL-Amazon-Thingy Plugins 1.0 Open Redirection
23.03.2019
KingSkrupellos
Med.
WordPress 5.0.4 Age-Verification Plugins 0.5 Open Redirection
21.03.2019
KingSkrupellos
Low
WordPress 5.0.4 Zangai Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.x BigChrome Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 5.0.4 2018110612035976 Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 5.1.1 Wopus Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.10 İfxPro.Cn Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.3 itiis Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.x Wngzs Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.x Concise Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.x UsaMusic-PC Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress Aibbt Themes Open Redirection
12.03.2019
KingSkrupellos
Low
WordPress Deep Themes Open Redirection
12.03.2019
KingSkrupellos
Low
WordPress 2kqq Themes Open Redirection
12.03.2019
KingSkrupellos
Low
WordPress Azzxx Themes Open Redirection
12.03.2019
KingSkrupellos
Med.
OpenCart Price Comparison Store Modules 3.x Open Redirection
11.03.2019
KingSkrupellos
Med.
VanillaForums 2.x Open Redirection
11.03.2019
KingSkrupellos
Low
Babel 0.4.1 Open Redirection
07.03.2019
Jan Kopriva
Low
MeteoTemplate 17.1 Nectarine Diary Plugins 4.0 Open Redirection
07.03.2019
KingSkrupellos
Low
MeteoTemplate 17.1 Nectarine globalSnow Plugins 1.1 Open Redirection
07.03.2019
KingSkrupellos
Low
Meteotemplate 17.1 Nectarine indoorData Plugins 4.0 Open Redirection
07.03.2019
KingSkrupellos
Low
vBulletin 4.2.5 Ajax Threads 1.1.3 Lite Open Redirection
04.03.2019
KingSkrupellos
Low
vBulletin 4.2.5 Thread Post Bookmarking 1.2.0 Open Redirection
04.03.2019
KingSkrupellos
Low
vBulletin 4.2.5 vBSuper_PM 1.2.3 Lite Open Redirection
04.03.2019
KingSkrupellos
Low
vBulletin 4.x Seo by vBSeo 3.3.2 Open Redirection
04.03.2019
KingSkrupellos
Low
vBulletin 4.2.5 Member Map 1.1.2 Lite Open Redirection
04.03.2019
KingSkrupellos
Med.
MeteoTemplate 17.1 Nectarine Deviations Plugins 2.0 Open Redirection
03.03.2019
KingSkrupellos
Low
SMF 2.0.15 SMF4Mobile 1.1.5/1.2 SMF-Media Open Redirection
02.03.2019
KingSkrupellos
Low
XenForo 1.5.x Advanced Application Forms 1.2.2 Open Redirection
02.03.2019
KingSkrupellos
Low
XenForo 1.5.x XF-Russia Open Redirection
02.03.2019
KingSkrupellos
Low
vBulletin 3.8.x vBadvanced CMPS v3.2.3 Open Redirection
01.03.2019
KingSkrupellos
Med.
vBulletin 3.8.4 Zoints SEO 2.3.2 Computer-Logic Open Redirection
01.03.2019
KingSkrupellos
Low
vBulletin 4.2.5 vBSEO 3.6.1 Open Redirection
28.02.2019
KingSkrupellos
Low
vBulletin 4.x.x DragonByte SEO v2.0.31 Pro Open Redirection
28.02.2019
KingSkrupellos
Med.
MeteoTemplate 17.1 Nectarine windDirection Plugins 2.2 Open Redirection
27.02.2019
KingSkrupellos
Low
MeteoTemplate 17.1 Nectarine Deviations Open Redirection
26.02.2019
KingSkrupellos
Low
AsureSoftware AsureForce Time Version 12.0 Open Redirection
26.02.2019
KingSkrupellos
Med.
MeteoTemplate 17.1 Nectarine stationExtremes Plugins 2.0 Open Redirection
26.02.2019
KingSkrupellos
Low
1up! Software Going1up The Newspaper CMS 1998-2019 1.x Open Redirection
26.02.2019
KingSkrupellos
Low
Drupal Pubdlcnt 7.x-1.2 Open Redirection
22.02.2019
KingSkrupellos
Low
Drupal Pubdlcnt Modules 7.x-1.2 Public Download Count Open Redirection
21.02.2019
KingSkrupellos
Med.
WordPress WP-JS-External-Link-Info Plugins 2.2.0 Open Redirection
18.02.2019
KingSkrupellos
Low
GetSimpleCMS 3.3.13 Open Redirect
15.02.2019
Mithat Gogebakan
Low
OpenText Documentum Webtop 5.3 SP2 Open Redirect
11.02.2019
Rafael Pedrero
Low
glimpse.bukalapak.com Open Redirect
03.02.2019
abay
Med.
WordPress 2013 TwentyThirteen Themes 5.0.3 Open Redirection
16.01.2019
KingSkrupellos
Low
ModX Open Source CMS Babel Modules 3.0.0 Open Redirect
15.01.2019
KingSkrupellos
Med.
Joomla Simple RSS Feed Reader mod_jw_srfr 3.6.0 Modules Open Redirect
15.01.2019
KingSkrupellos
Low
OrangeForum 1.4.0 Open Redirection
10.01.2019
Omar Kurt
Low
WordPress BlackHawk Themes Open Redirection Vulnerability
26.11.2018
KingSkrupellos
Med.
WordPress Begin Themes Start-up Business ThemeForest Open Redirection Vulnerability
04.11.2018
KingSkrupellos
Low
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Open Redirect
17.07.2018
LiquidWorm
Low
Developed By the DokaGroup Laboratory 2008-2011 Belarus Open Redirection Vulnerability
29.06.2018
KingSkrupellos
Low
Provided By Green4Solutions EcommZone Open Redirection Vulnerability
21.06.2018
KingSkrupellos
Low
Technical Support A2i-PMO Bangladesh e-Government Open Redirection Vulnerability
10.06.2018
KingSkrupellos
Med.
WolfCMS 0.8.3.1 Open Redirect
10.04.2018
Sureshbabu Narvaneni
Low
Tuleap Open Redirect
08.03.2018
Anonymous
Low
F-Secure Radar Open Redirect
17.02.2018
Oscar Hjelm
Low
Oracle E-Business Suite 12.1.3 / 12.2.x Open Redirect
16.01.2018
author
Low
WordPress MQ ReLinks 1.8 XSS / Open Redirection
11.01.2018
Ricardo Sanchez
Low
WordPress Feed-Statistics 4.1 Open Redirect
22.12.2017
Mostafa Gharzi
Low
OpenText Documentum Administrator / Webtop Open Redirection
27.09.2017
Jakub Palaczynski
Med.
Progress Sitefinity 9.1 XSS / Session Management / Open Redirect
23.08.2017
SEC Consult
Med.
Ubiquiti Networks Open Redirect
25.07.2017
T.Weber
Low
DoorGets CMS 7.0 Open Redirect
04.07.2017
Rudra Sarkar
Med.
Drupal Public Download Count Module - Open Redirect
08.06.2017
Snooper
Med.
CMS Made Simple Babel Module 0.3.3 Open Redirect / Content Forgery
03.05.2017
MLT
Low
Amazon Simple Storage Service (S3) - Open Redirect Vulnerability
29.03.2017
Zero Security Group
Low
Instagram - Open Redirect Vulnerability
08.02.2017
S3Ni0R.M0T3Z4D
Low
LogicBoard CMS 3.0 / 4.0 / 4.1 Open Redirect
02.02.2017
n0ipr0cs
Med.
MailStore 10.0.1 Cross Site Scripting / Open Redirect
02.02.2017
Tobias Glemser
Low
Sarzamin Download - Open Redirect Vulnerability
20.01.2017
Blackwolf_Iran
Low
D-Link DIR-615 Open Redirection / Cross Site Scripting
14.01.2017
Osanda Malith Jayathis...
Low
Peplink NGxxx/LCxxx VPN-Firewall Open Redirect
30.11.2016
Gjoko 'LiquidWorm' Krs...
Med.
Lepton 2.2.2 Stable CSRF / Open Redirect / Password Handling
19.11.2016
Tim Coen
Med.
Jaws 1.1.1 Open Redirect / Object Injection / Cookie Flags
19.11.2016
Tim Coen
Low
Verint Impact 360 11.1 Open Redirect
11.11.2016
Sanehdeep Singh
Low
Puppet Enterprise Web Interface Open Redirect
23.10.2016
hyp3rlinx
Med.
Nagios XI 5.2.9 Cross Site Scripting / Open Redirect
21.10.2016
hyp3rlinx


CVEMAP Search Results

CVE
Details
Description
2019-05-22
Medium
CVE-2017-5871

Vendor: ODOO
Software: ODOO
 

 
Odoo Version <= 8.0-20160726 and Version 9 is affected by: CWE-601: Open redirection. The impact is: obtain sensitive information (remote).

 
2019-05-17
Medium
CVE-2019-5946

Vendor: Cybozu
Software: Garoon
 

 
Open redirect vulnerability in Cybozu Garoon 4.2.4 to 4.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the Login Screen.

 
2019-05-16
Medium
CVE-2019-10117

Vendor: Gitlab
Software: Gitlab
 

 
An Open Redirect issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. A redirect is triggered after successful authentication within the Oauth/:GeoAuthController for the secondary Geo node.

 
2019-05-13
Medium
CVE-2019-8951

Updating...
 

 
An Open Redirect vulnerability located in the webserver affects several Bosch hardware and software products. The vulnerability potentially allows a remote attacker to redirect users to an arbitrary URL. Affected hardware products: Bosch DIVAR IP 2000 (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.62.0019 and newer), Bosch DIVAR IP 5000 (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.80.0033 and newer). Affected software products: Video Recording Manager (VRM) (vulnerable versions: 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.70.0056 and newer; 3.81.0032 and newer), Bosch Video Management System (BVMS) (vulnerable versions: 3.50.00XX; 3.55.00XX; 3.60.00XX; fixed versions: 7.5; 3.70.0056).

 
Medium
CVE-2018-12300

Vendor: Seagate
Software: Nas os
 

 
Arbitrary Redirect in echo-server.html in Seagate NAS OS version 4.3.15.1 allows attackers to disclose information in the Referer header via the 'state' URL parameter.

 
2019-05-06
Medium
CVE-2019-5433

Vendor: Revive-adserver
Software: Revive adserver
 

 
A user having access to the UI of a Revive Adserver instance could be tricked into clicking on a specifically crafted admin account-switch.php URL that would eventually lead them to another (unsafe) domain, potentially used for stealing credentials or other phishing attacks. This vulnerability was addressed in version 4.2.0.

 
2019-04-30
Medium
CVE-2018-14931

Vendor: Polarisft
Software: Intellect co...
 

 
An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. An open redirect exists via a /IntellectMain.jsp?IntellectSystem= URI.

 
Medium
CVE-2019-4166

Vendor: IBM
Software: Storediq
 

 
IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 158699.

 
2019-04-25
Medium
CVE-2019-3788

Vendor: Cloudfoundry
Software: Uaa release
 

 
Cloud Foundry UAA Release, versions prior to 71.0, allows clients to be configured with an insecure redirect uri. Given a UAA client was configured with a wildcard in the redirect uri's subdomain, a remote malicious unauthenticated user can craft a phishing link to get a UAA access code from the victim.

 
Medium
CVE-2019-4092

Vendor: IBM
Software: Content navi...
 

 
IBM Content Navigator 2.0.3 and 3.0CD could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 157654.

 

 


Copyright 2019, cxsecurity.com

 

Back to Top