Vulmon
open redirect vulnerabilities and exploits
8
CVSSv3
CVE-2016-3653
Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.
Symantec Endpoint Protection Manager
1 EDB exploit
NA
CVE-2012-1023
Open redirect vulnerability in admin/index.php in 4images 1.7.10 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter.
4homepages 4images 1.7.10
1 EDB exploit
6.1
CVSSv3
CVE-2017-7234
A maliciously crafted URL to a Django (1.10 prior to 1.10.7, 1.9 prior to 1.9.13, and 1.8 prior to 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability.
Djangoproject Django 1.8.2
Djangoproject Django 1.8.3
Djangoproject Django 1.8.10
Djangoproject Django 1.8.11
Djangoproject Django 1.8.0
Djangoproject Django 1.9.4
Djangoproject Django 1.9.5
Djangoproject Django 1.10.1
Djangoproject Django 1.10.2
Djangoproject Django 1.9
Djangoproject Django 1.9.1
Djangoproject Django 1.8.4
Djangoproject Django 1.8.5
Djangoproject Django 1.8.12
Djangoproject Django 1.8.13
Djangoproject Django 1.9.6
Djangoproject Django 1.9.7
Djangoproject Django 1.10.3
Djangoproject Django 1.10.4
Djangoproject Django 1.9.2
Djangoproject Django 1.9.8
Djangoproject Django 1.8.1
3 Github repositories
NA
CVE-2009-0347
Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter.
Autonomy Ultraseek Nil
1 EDB exploit
1 Github repository
6.1
CVSSv3
CVE-2020-29565
An issue exists in OpenStack Horizon prior to 15.3.2, 16.x prior to 16.2.1, 17.x and 18.x prior to 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automat...
Openstack Horizon
Debian Debian Linux 10.0
6.1
CVSSv3
CVE-2017-5571
Open redirect vulnerability in the lmadmin component in Flexera FlexNet Publisher (aka Flex License Manager) 11.14.1 and previous versions, as used in Citrix License Server for Windows and the Citrix License Server VPX, allows remote malicious users to redirect users to arbitrary...
Flexerasoftware Flexnet Publisher
6.1
CVSSv3
CVE-2013-2621
Open Redirection Vulnerability in the redir.php script in Telaen prior to 1.3.1 allows remote malicious users to redirect victims to arbitrary websites via a crafted URL.
Telaen Project Telaen
1 EDB exploit
6.1
CVSSv3
CVE-2021-3654
A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.
Openstack Nova
Redhat Openstack Platform 16.1
Redhat Openstack Platform 16.2
6.1
CVSSv3
CVE-2020-1927
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.
Apache Http Server
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Netapp Oncommand Unified Manager Core Package -
Broadcom Brocade Fabric Operating System -
Oracle Sd-wan Aware 8.2
Oracle Instantis Enterprisetrack
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Session Report Manager 8.1.1
Oracle Communications Session Report Manager 8.2.0
Oracle Communications Session Report Manager 8.2.1
Oracle Communications Session Route Manager 8.1.1
Oracle Communications Session Route Manager 8.2.0
1 Github repository
NA
CVE-2012-4032
Open redirect vulnerability in the login page in WebsitePanel prior to 1.2.2.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in ReturnUrl to Default.aspx.
Websitepanel Websitepanel 1.1.0
Websitepanel Websitepanel 1.0.2
Websitepanel Websitepanel 1.2.0
Websitepanel Websitepanel 1.1.2
Websitepanel Websitepanel 1.0.1
Websitepanel Websitepanel 1.0.0
Websitepanel Websitepanel
1 EDB exploit