Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open redirect vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-22872
Revive Adserver prior to 5.1.0 is vulnerable to a reflected cross-site scripting (XSS) vulnerability via the publicly accessible afr.php delivery script. While this issue was previously addressed in modern browsers as CVE-2020-8115, some older browsers (e.g., IE10) that do not au...
Revive-adserver Revive Adserver
4.9
CVSSv2
CVE-2016-5304
Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Symantec Endpoint Protection Manager
1 EDB exploit
5.8
CVSSv2
CVE-2012-1023
Open redirect vulnerability in admin/index.php in 4images 1.7.10 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter.
4homepages 4images 1.7.10
1 EDB exploit
5.8
CVSSv2
CVE-2017-7234
A maliciously crafted URL to a Django (1.10 prior to 1.10.7, 1.9 prior to 1.9.13, and 1.8 prior to 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability.
Djangoproject Django 1.10.0
Djangoproject Django 1.9
Djangoproject Django 1.8.0
Djangoproject Django 1.8.15
Djangoproject Django 1.8.2
Djangoproject Django 1.9.6
Djangoproject Django 1.10.3
Djangoproject Django 1.8.14
Djangoproject Django 1.9.9
Djangoproject Django 1.8.1
Djangoproject Django 1.10.1
Djangoproject Django 1.8.7
Djangoproject Django 1.8.9
Djangoproject Django 1.10.5
Djangoproject Django 1.9.5
Djangoproject Django 1.8.11
Djangoproject Django 1.9.12
Djangoproject Django 1.8.3
Djangoproject Django 1.8.12
Djangoproject Django 1.8.4
Djangoproject Django 1.9.11
Djangoproject Django 1.10.2
3 Github repositories
5.8
CVSSv2
CVE-2020-29565
An issue exists in OpenStack Horizon prior to 15.3.2, 16.x prior to 16.2.1, 17.x and 18.x prior to 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automat...
Openstack Horizon
Debian Debian Linux 10.0
5.8
CVSSv2
CVE-2017-5571
Open redirect vulnerability in the lmadmin component in Flexera FlexNet Publisher (aka Flex License Manager) 11.14.1 and previous versions, as used in Citrix License Server for Windows and the Citrix License Server VPX, allows remote malicious users to redirect users to arbitrary...
Flexerasoftware Flexnet Publisher
5.8
CVSSv2
CVE-2013-2621
Open Redirection Vulnerability in the redir.php script in Telaen prior to 1.3.1 allows remote malicious users to redirect victims to arbitrary websites via a crafted URL.
Telaen Project Telaen
1 EDB exploit
4
CVSSv2
CVE-2021-3654
A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.
Openstack Nova
Redhat Openstack Platform 16.1
Redhat Openstack Platform 16.2
5.8
CVSSv2
CVE-2020-1927
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
Apache Http Server
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Netapp Oncommand Unified Manager Core Package -
Broadcom Brocade Fabric Operating System -
Oracle Sd-wan Aware 8.2
Oracle Instantis Enterprisetrack
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Session Report Manager 8.1.1
Oracle Communications Session Report Manager 8.2.0
Oracle Communications Session Report Manager 8.2.1
Oracle Communications Session Route Manager 8.1.1
Oracle Communications Session Route Manager 8.2.0
1 Github repository
5.8
CVSSv2
CVE-2012-4032
Open redirect vulnerability in the login page in WebsitePanel prior to 1.2.2.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in ReturnUrl to Default.aspx.
Websitepanel Websitepanel 1.1.2
Websitepanel Websitepanel 1.2.0
Websitepanel Websitepanel 1.1.0
Websitepanel Websitepanel
Websitepanel Websitepanel 1.0.0
Websitepanel Websitepanel 1.0.1
Websitepanel Websitepanel 1.0.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »