Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open redirect vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-8069
Multiple cross-site scripting (XSS) vulnerabilities in YOOtheme Pagekit CMS 0.8.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) HTTP Referer header to index.php/user or (2) PATH_INFO to index.php.
Yootheme Pagekit 0.8.7
NA
CVE-2015-7823
Open redirect vulnerability in CMSPages/GetDocLink.ashx in Kentico CMS 8.2 up to and including 8.2.41 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the link parameter.
Kentico Kentico Cms 8.2
NA
CVE-2013-3446
Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCub23849.
Cisco Digital Media Manager -
5.4
CVSSv3
CVE-2023-42502
An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions prior to 3.0.0.
Apache Superset
6.1
CVSSv3
CVE-2020-3558
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote malicious user to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of a...
Cisco Firepower Management Center
5.4
CVSSv3
CVE-2021-1218
A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote malicious user to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP reques...
Cisco Smart Software Manager On-prem
NA
CVE-2014-7294
Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and previous versions for Ex Libris Patron Directory Services (PDS) allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
Nyu Opensso Integration
NA
CVE-2014-8029
Open redirect vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCuq74150.
Cisco Secure Access Control System -
5.4
CVSSv3
CVE-2018-15403
A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an authenticated, remote malicious user to redirect a user to a maliciou...
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unity Connection 9.1\\(1\\)es23
Cisco Unified Communications Manager Im And Presence Service 10.5\\(2\\)
Cisco Unified Communications Manager Im And Presence Service 10.5\\(1\\)
Cisco Unified Communications Manager Im And Presence Service 12.0\\(1\\)
Cisco Unified Communications Manager Im And Presence Service 12.5\\(1\\)
Cisco Emergency Responder 11.5\\(4.59000.1\\)
Cisco Emergency Responder 12.5\\(0.98000.110\\)
Cisco Emergency Responder 12.0\\(1.40000.3\\)
6.1
CVSSv3
CVE-2023-20263
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote malicious user to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request....
Cisco Hyperflex Hx Data Platform 5.0
Cisco Hyperflex Hx Data Platform 5.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »