Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open redirect vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2018-6324
F-Secure Radar (on-premises) prior to 2018-02-15 has an Unvalidated Redirect via the ReturnUrl parameter that triggers upon a user login.
F-secure Radar
5.8
CVSSv2
CVE-2021-1358
A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote malicious user to redirect a user to an undesired web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent t...
Cisco Finesse
5.8
CVSSv2
CVE-2015-1042
The string_sanitize_url function in core/string_api.php in MantisBT 1.2.0a3 up to and including 1.2.18 uses an incorrect regular expression, which allows remote malicious users to conduct open redirect and phishing attacks via a URL with a ":/" (colon slash) separator i...
Mantisbt Mantisbt 1.2.17
Mantisbt Mantisbt 1.2.18
Mantisbt Mantisbt 1.2.2
Mantisbt Mantisbt 1.2.3
Mantisbt Mantisbt 1.2.0
Mantisbt Mantisbt 1.2.13
Mantisbt Mantisbt 1.2.15
Mantisbt Mantisbt 1.2.5
Mantisbt Mantisbt 1.2.7
Mantisbt Mantisbt 1.2.1
Mantisbt Mantisbt 1.2.10
Mantisbt Mantisbt 1.2.11
Mantisbt Mantisbt 1.2.8
Mantisbt Mantisbt 1.2.9
Mantisbt Mantisbt 1.2.12
Mantisbt Mantisbt 1.2.14
Mantisbt Mantisbt 1.2.16
Mantisbt Mantisbt 1.2.4
Mantisbt Mantisbt 1.2.6
5.8
CVSSv2
CVE-2017-3528
Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (lists of values, datepicker, etc.)). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerabil...
Oracle Applications Framework 12.2.4
Oracle Applications Framework 12.2.5
Oracle Applications Framework 12.2.3
Oracle Applications Framework 12.1.3
Oracle Applications Framework 12.2.6
1 EDB exploit
6.4
CVSSv2
CVE-2014-8489
Open redirect vulnerability in startSSO.ping in the SP Endpoints in Ping Identity PingFederate 6.10.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the TargetResource parameter.
Pingidentity Pingfederate 6.10.1
NA
CVE-2023-33405
Blogengine.net 3.3.8.0 and previous versions is vulnerable to Open Redirect.
Blogengine Blogengine.net
1 Github repository
5.8
CVSSv2
CVE-2014-8754
Open redirect vulnerability in track-click.php in the Ad-Manager plugin 1.1.2 for WordPress allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the out parameter.
Ad-manager Project Ad-manager 1.1.2
NA
CVE-2023-5375
Open Redirect in GitHub repository mosparo/mosparo before 1.0.2.
Mosparo Mosparo
NA
CVE-2019-127831
Verint Impact 360 version 15.1 suffers from an open redirection vulnerability.
4.3
CVSSv2
CVE-2014-2117
Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 8.6 and previous versions allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters, aka Bug ID CSCun37909.
Cisco Emergency Responder
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2108
CVE-2024-31061
CVE-2024-25959
CVE-2023-45866
injection
IDOR
memory leak
CVE-2024-1086
CVE-2023-42931
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »