Total
1018 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-10052 | 1 Gibb-modul-151 Project | 1 Gibb-modul-151 | 2024-11-21 | 5.5 MEDIUM | 4.6 MEDIUM |
| ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in calesanz gibb-modul-151. This affects the function bearbeiten/login. The manipulation leads to open redirect. It is possible to initiate the attack remotely. The patch is named 88a517dc19443081210c804b655e72770727540d. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218379. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2015-0697 | 1 Cisco | 1 Telepresence Tc Software | 2024-11-21 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuq94980. | |||||
| CVE-2014-9617 | 1 Netsweeper | 1 Netsweeper | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in remotereporter/load_logfiles.php in Netsweeper before 4.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. | |||||
| CVE-2014-3652 | 1 Redhat | 1 Keycloak | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL. | |||||
| CVE-2014-2213 | 1 Posh Project | 1 Posh | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in the password reset functionality in POSH 3.0 through 3.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to portal/scr_sendmd5.php. | |||||
| CVE-2013-2764 | 1 United-security-providers | 1 Secure Entry Server | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Secure Entry Server before 4.7.0 contains a URI Redirection vulnerability which could allow remote attackers to conduct phishing attacks due to HSP_AbsoluteRedirects being disabled by default. | |||||
| CVE-2013-2621 | 1 Telaen Project | 1 Telaen | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open Redirection Vulnerability in the redir.php script in Telaen before 1.3.1 allows remote attackers to redirect victims to arbitrary websites via a crafted URL. | |||||
| CVE-2013-0594 | 1 Ibm | 1 Inotes | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383. | |||||
| CVE-2012-0518 | 1 Oracle | 1 Fusion Middleware | 2024-11-21 | 4.3 MEDIUM | 4.7 MEDIUM |
| Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175. | |||||
| CVE-2010-4266 | 1 Vanillaforums | 1 Vanilla Forums | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| It was found in vanilla forums before 2.0.10 a potential linkbait vulnerability in dispatcher. | |||||
| CVE-2010-3669 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 4.9 MEDIUM | 5.4 MEDIUM |
| TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS and Open Redirection in the frontend login box. | |||||
| CVE-2010-3661 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Open Redirection on the backend. | |||||
| CVE-2010-2471 | 2 Debian, Drupal | 2 Debian Linux, Drupal | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Drupal versions 5.x and 6.x has open redirection | |||||
| CVE-2009-3832 | 2 Microsoft, Opera | 2 Windows, Opera Browser | 2024-11-21 | 5.8 MEDIUM | N/A |
| Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site. | |||||
| CVE-2008-2951 | 2 Edgewall, Fedoraproject | 2 Trac, Fedora | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function. | |||||
| CVE-2008-2052 | 1 Bitrix24 | 1 Bitrix Site Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in redirect.php in Bitrix Site Manager 6.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the goto parameter. | |||||
| CVE-2008-1547 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 4.3 MEDIUM | N/A |
| Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter. | |||||
| CVE-2005-4206 | 1 Blackboard | 1 Academic Suite | 2024-11-21 | 4.0 MEDIUM | 6.1 MEDIUM |
| Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to appear to be part of a valid page. | |||||
| CVE-2005-1475 | 1 Opera | 1 Opera Browser | 2024-11-20 | 7.5 HIGH | N/A |
| The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect. | |||||
| CVE-2005-10001 | 1 Broadcom | 1 Symantec Siteminder | 2024-11-20 | 5.8 MEDIUM | 5.4 MEDIUM |
| A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | |||||