CWE:
 

Tytuł
Data
Autor
Low
PlaceOS 1.2109.1 Open Redirection
30.09.2021
Hamza Khedr
Low
Products.PluggableAuthService 2.6.0 Open Redirect
02.06.2021
Piyush Patil
Low
Tableau Server Open Redirection
08.04.2021
Dr. Vladimir Bostanov
Low
OpenCMS 11.0.2 Cross Site Request Forgery / Open Redirection
09.03.2021
Daniel Moreno
Low
b2evolution CMS 6.11.6 Open Redirection
11.02.2021
Nakul Ratti
Low
WordPress Age Gate 2.13.4 Open Redirect
30.11.2020
Ilca Lucian Florin
Low
Twitter Analytics Open Redirect
09.10.2020
asheesh anaconda
Low
Verint Impact 360 15.1 Open Redirect
16.07.2020
Ryan Delaney
Low
Android o2 Business 1.2.0 Open Redirect
05.07.2020
Julien Ahrens
Low
WordPress Weekender Newspaper Themes 9.0 Open Redirection
18.04.2020
KingSkrupellos
Low
WordPress Attitude Themes 1.1.1 Open Redirection
30.03.2020
KingSkrupellos
Low
WordPress Eatery Restaurant Themes 2.2 Open Redirection
30.03.2020
KingSkrupellos
Low
WordPress justnews-child Themes 1.0 Open Redirection
30.03.2020
KingSkrupellos
Low
WordPress Nashvilleparent Themes 1.10 Open Redirection
30.03.2020
KingSkrupellos
Low
WordPress Grimag Themes 1.2.5 Open Redirection
24.03.2020
KingSkrupellos
Low
WordPress Wmyx2.0 Themes 2.0 Open Redirection
24.03.2020
KingSkrupellos
Low
WordPress ProStore Themes 1.1.2 Open Redirection
24.03.2020
KingSkrupellos
Low
WordPress Eurielle Themes 0.1.0 Open Redirection
24.03.2020
KingSkrupellos
Low
WordPress Upward Themes 1.5 Open Redirection
24.03.2020
KingSkrupellos
Low
Yandex Search Engine Open Redirection
22.03.2020
KingSkrupellos
Low
WordPress WPTouch Switch Desktop 3.x Open Redirection
22.03.2020
KingSkrupellos
Low
Koha GreenStone Library 3.x Open Redirection
22.03.2020
KingSkrupellos
Med.
Daktilo News Software 1.9 Open Redirection
22.03.2020
KingSkrupellos
Med.
Revive Adserver 5.0.4 Security Bypass / Open Redirect
14.03.2020
Matteo Beccati
Med.
HomeAutomation 3.3.2 Open Redirect
31.12.2019
LiquidWorm
Low
Apache Httpd mod_rewrite Open Redirects
21.11.2019
Anonymous
Low
Optergy Proton/Enterprise BMS 2.3.0a Open Redirect
13.11.2019
LiquidWorm
Low
ParantezTeknoloji Library Software 16.0519000 Open Redirection
05.10.2019
KingSkrupellos
Low
Desarollo por Ezink Gds-Web Open Redirection Vulnerability
04.10.2019
KingSkrupellos
Low
Devinim Library Software 19.0504000 Open Redirection Vulnerability
04.10.2019
KingSkrupellos
Low
ParantezTeknoloji Library Software 16.0519000 Open Redirection Vulnerability
04.10.2019
KingSkrupellos
Low
Mediasation Wliinc26 Open Redirection
20.08.2019
KingSkrupellos
Low
Zurmo 3.2.6 Open Redirection
28.07.2019
Daniel Bishtawi
Med.
Paypal app Link Open Redirection
09.07.2019
Iran Cyber Security Gr...
Med.
Koha Library Software 18.1106000 Tracklinks Open Redirection
20.06.2019
KingSkrupellos
Low
Spring Security OAuth 2.3 Open Redirection
19.06.2019
Riemann
Med.
WordPress 5.2.1 Antena_Ri Institute Themes 2.0 Open Redirection
10.06.2019
KingSkrupellos
Low
CMSMadeSimple Software Babel Modules 1.9.4.2 Open Redirection
03.06.2019
KingSkrupellos
Low
WordPress WPAds Plugins 1.0 Open Redirection
29.05.2019
KingSkrupellos
Low
WordPress 4.8 Nya-Comment-DoFollow Plugins 1.0 Open Redirection
29.05.2019
KingSkrupellos
Low
WordPress 5.1.1 jilijilibegin Themes LTS 4.6 Open Redirection
28.05.2019
KingSkrupellos
Low
WordPress 4.9.x Jingke Themes 1.0 Open Redirection
28.05.2019
KingSkrupellos
Low
WordPress 4.9.10 Xunjin Themes 4.6 Open Redirection
28.05.2019
KingSkrupellos
Low
WordPress 4.8.9 Tigin Themes 1.0.5 Open Redirection
28.05.2019
KingSkrupellos
Low
WordPress 5.2.1 Divi-Child Themes 1.0 Open Redirection
28.05.2019
KingSkrupellos
Med.
WordPress 4.9.10 4DMayi Themes 4.6 Open Redirection
25.05.2019
KingSkrupellos
Med.
WordPress 5.2.1 DingTalk Themes LTS 4.6 Open Redirection
25.05.2019
KingSkrupellos
Med.
WordPress 4.9.8 LaneMotorSport Responsive Themes 1.8.4 Open Redirection
25.05.2019
KingSkrupellos
Med.
WordPress 4.6.14 lqcPlugin-regiePublicites Plugins 1.0 Open Redirection
25.05.2019
KingSkrupellos
Low
Irish News TheJournal Open Redirection
23.05.2019
KingSkrupellos
Med.
WordPress 4.6.12 PHPL Plugins 1.0 Open Redirection
23.05.2019
KingSkrupellos
Low
WordPress 5.2.1 Dankov Planer Themes 1.1.2 Open Redirection
23.05.2019
KingSkrupellos
Low
WordPress 4.9.10 Aliyun Themes 5.2 Open Redirection
23.05.2019
KingSkrupellos
Low
WordPress 4.4.18 Ad-Manager Plugins 1.1.2 Open Redirection
23.05.2019
KingSkrupellos
Low
WordPress 4.9.10 Chrome-Extensions Themes 1.0 Open Redirection
23.05.2019
KingSkrupellos
Med.
Xoops Wordpress Modules WP-Ktai 0.5.0 Japan Open Redirection
20.05.2019
KingSkrupellos
Med.
Revive Adserver Deserialization / Open Redirect
02.05.2019
Matteo Beccati
Low
Masch CMStudio Banners 8.6.1 Open Redirection
29.03.2019
KingSkrupellos
Low
WordPress 4.9.10 ButterKekse Plugins Open Redirection
29.03.2019
KingSkrupellos
Low
WordPress 4.9.2 WordPress-Feed-Statistics Plugins 4.1 Open Redirection
29.03.2019
KingSkrupellos
Low
WordPress 4.8 Ait-ThemesClub TemplatePreview 1.8.1 RFI Open Redirection
28.03.2019
KingSkrupellos
Low
HollandPlaza TexelseMedia AdvertisementsCounter Plugins Open Redirection
28.03.2019
KingSkrupellos
Low
Masch CMStudio Banners Modules 8.6.1 Open Redirection
28.03.2019
KingSkrupellos
Low
WordPress 4.6.1 WireFunnel Plugins Open Redirection
28.03.2019
KingSkrupellos
Med.
WordPress 5.1.1 WPBounce AND-AntiBounce Plugins 1.0.3 Open Redirection
27.03.2019
KingSkrupellos
Low
Wordpress 5.0.4 begin Themes Open Redirection
26.03.2019
L4663r666h05t
Low
AlumniMagnet Open Redirection
26.03.2019
KingSkrupellos
Low
Progetti di Impresa SRL ItalyGov Open Redirection
26.03.2019
KingSkrupellos
Low
WordPress 3.4.2 The-CL-Amazon-Thingy Plugins 1.0 Open Redirection
23.03.2019
KingSkrupellos
Med.
WordPress 5.0.4 Age-Verification Plugins 0.5 Open Redirection
21.03.2019
KingSkrupellos
Low
WordPress 5.0.4 Zangai Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.x BigChrome Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 5.0.4 2018110612035976 Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 5.1.1 Wopus Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.10 İfxPro.Cn Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.3 itiis Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.x Wngzs Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.x Concise Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress 4.9.x UsaMusic-PC Themes Open Redirection
18.03.2019
KingSkrupellos
Low
WordPress Aibbt Themes Open Redirection
12.03.2019
KingSkrupellos
Low
WordPress Deep Themes Open Redirection
12.03.2019
KingSkrupellos
Low
WordPress 2kqq Themes Open Redirection
12.03.2019
KingSkrupellos
Low
WordPress Azzxx Themes Open Redirection
12.03.2019
KingSkrupellos
Med.
OpenCart Price Comparison Store Modules 3.x Open Redirection
11.03.2019
KingSkrupellos
Med.
VanillaForums 2.x Open Redirection
11.03.2019
KingSkrupellos
Low
Babel 0.4.1 Open Redirection
07.03.2019
Jan Kopriva
Low
MeteoTemplate 17.1 Nectarine Diary Plugins 4.0 Open Redirection
07.03.2019
KingSkrupellos
Low
MeteoTemplate 17.1 Nectarine globalSnow Plugins 1.1 Open Redirection
07.03.2019
KingSkrupellos
Low
Meteotemplate 17.1 Nectarine indoorData Plugins 4.0 Open Redirection
07.03.2019
KingSkrupellos
Low
vBulletin 4.2.5 Ajax Threads 1.1.3 Lite Open Redirection
04.03.2019
KingSkrupellos
Low
vBulletin 4.2.5 Thread Post Bookmarking 1.2.0 Open Redirection
04.03.2019
KingSkrupellos
Low
vBulletin 4.2.5 vBSuper_PM 1.2.3 Lite Open Redirection
04.03.2019
KingSkrupellos
Low
vBulletin 4.x Seo by vBSeo 3.3.2 Open Redirection
04.03.2019
KingSkrupellos
Low
vBulletin 4.2.5 Member Map 1.1.2 Lite Open Redirection
04.03.2019
KingSkrupellos
Med.
MeteoTemplate 17.1 Nectarine Deviations Plugins 2.0 Open Redirection
03.03.2019
KingSkrupellos
Low
SMF 2.0.15 SMF4Mobile 1.1.5/1.2 SMF-Media Open Redirection
02.03.2019
KingSkrupellos
Low
XenForo 1.5.x Advanced Application Forms 1.2.2 Open Redirection
02.03.2019
KingSkrupellos
Low
XenForo 1.5.x XF-Russia Open Redirection
02.03.2019
KingSkrupellos
Low
vBulletin 3.8.x vBadvanced CMPS v3.2.3 Open Redirection
01.03.2019
KingSkrupellos
Med.
vBulletin 3.8.4 Zoints SEO 2.3.2 Computer-Logic Open Redirection
01.03.2019
KingSkrupellos


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2021-12-03
Medium
CVE-2021-4000

Vendor: Showdoc
Software: Showdoc
 

 
showdoc is vulnerable to URL Redirection to Untrusted Site

 
2021-12-01
Medium
CVE-2021-3989

Vendor: Showdoc
Software: Showdoc
 

 
showdoc is vulnerable to URL Redirection to Untrusted Site

 
2021-11-30
Medium
CVE-2021-42564

Vendor: Cryptshare
Software: Cryptshare s...
 

 
An open redirect through HTML injection in confidential messages in Cryptshare before 5.1.0 allows remote attackers (with permission to provide confidential messages via Cryptshare) to redirect targeted victims to any URL via the '<meta http-equiv="refresh"' substring in the editor parameter.

 
2021-11-24
Medium
CVE-2021-43777

Vendor: Redash
Software: Redash
 

 
Redash is a package for data visualization and sharing. In Redash version 10.0 and prior, the implementation of Google Login (via OAuth) incorrectly uses the `state` parameter to pass the next URL to redirect the user to after login. The `state` parameter should be used for a Cross-Site Request Forgery (CSRF) token, not a static and easily predicted value. This vulnerability does not affect users who do not use Google Login for their instance of Redash. A patch in the `master` and `release/10.x.x` branches addresses this by replacing `Flask-Oauthlib` with `Authlib` which automatically provides and validates a CSRF token for the state variable. The new implementation stores the next URL on the user session object. As a workaround, one may disable Google Login to mitigate the vulnerability.

 
2021-11-23
Medium
CVE-2021-36332

Vendor: DELL
Software: Emc cloud link
 

 
Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection Vulnerability. A remote low privileged attacker, may potentially exploit this vulnerability, directing end user to arbitrary and potentially malicious websites.

 
2021-11-08
Medium
CVE-2021-41733

Vendor: Oppia
Software: Oppia
 

 
Oppia 3.1.4 does not verify that certain URLs are valid before navigating to them.

 
2021-11-04
Medium
CVE-2021-1500

Vendor: Cisco
Software: Collaboratio...
 

 
A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. Attackers may use this type of vulnerability, known as an open redirect attack, as part of a phishing attack to persuade users to unknowingly visit malicious sites.

 
2021-11-01
Medium
CVE-2021-43058

Vendor: Replicated
Software: Replicated c...
 

 
An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site.

 
2021-10-19
Medium
CVE-2021-3851

Vendor: Firefly-iii
Software: Firefly iii
 

 
firefly-iii is vulnerable to URL Redirection to Untrusted Site

 
2021-10-18
Medium
CVE-2021-22942

Vendor: Rubyonrails
Software: Rails
 

 
A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect users to a malicious website.

 

 


Copyright 2021, cxsecurity.com

 

Back to Top