Total: 1050 CVE

CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-3597 | 1 Myrecorp | 1 Export Wp Page To Static Html/css | 2024-08-09 | 7.1 High |
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 2.2.2. This is due to insufficient validation on the redirect url supplied via the rc_exported_zip_file parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action. | ||||
CVE-2023-46750 | 1 Apache | 1 Shiro | 2024-08-08 | 6.1 Medium |
URL Redirection to Untrusted Site ('Open Redirect') vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+. | ||||
CVE-2004-2260 | 1 Opera | 1 Opera Browser | 2024-08-08 | N/A |
Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute. | ||||
CVE-2005-10001 | 1 Broadcom | 1 Symantec Siteminder | 2024-08-08 | 5.4 Medium |
A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | ||||
CVE-2005-4206 | 1 Blackboard | 1 Academic Suite | 2024-08-07 | 6.1 Medium |
Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to appear to be part of a valid page. | ||||
CVE-2005-1475 | 1 Opera | 1 Opera Browser | 2024-08-07 | N/A |
The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect. | ||||
CVE-2005-0420 | 1 Microsoft | 1 Exchange Server | 2024-08-07 | N/A |
Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote attackers to redirect users to arbitrary URLs for login via a link to the owalogon.asp application. | ||||
CVE-2024-23442 | 1 Elastic | 1 Kibana | 2024-08-07 | 6.1 Medium |
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL. | ||||
CVE-2008-2951 | 2 Edgewall, Fedoraproject | 2 Trac, Fedora | 2024-08-07 | 6.1 Medium |
Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function. | ||||
CVE-2008-2052 | 1 Bitrix24 | 1 Bitrix Site Manager | 2024-08-07 | 6.1 Medium |
Open redirect vulnerability in redirect.php in Bitrix Site Manager 6.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the goto parameter. | ||||
CVE-2008-1547 | 1 Microsoft | 1 Exchange Server | 2024-08-07 | N/A |
Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter. | ||||
CVE-2009-3832 | 2 Microsoft, Opera | 2 Windows, Opera Browser | 2024-08-07 | N/A |
Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site. | ||||
CVE-2010-4266 | 1 Vanillaforums | 1 Vanilla Forums | 2024-08-07 | 6.1 Medium |
A potential linkbait vulnerability was found in the dispatcher of Vanilla Forums before 2.0.10. | ||||
CVE-2010-3661 | 1 Typo3 | 1 Typo3 | 2024-08-07 | 6.1 Medium |
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Open Redirection on the backend. | ||||
CVE-2010-3669 | 1 Typo3 | 1 Typo3 | 2024-08-07 | 5.4 Medium |
TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS and Open Redirection in the frontend login box. | ||||
CVE-2010-2471 | 2 Debian, Drupal | 2 Debian Linux, Drupal | 2024-08-07 | 6.1 Medium |
Drupal versions 5.x and 6.x have an open redirection vulnerability. | ||||
CVE-2012-0518 | 1 Oracle | 1 Fusion Middleware | 2024-08-06 | 4.7 Medium |
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175. | ||||
CVE-2013-2764 | 1 United-security-providers | 1 Secure Entry Server | 2024-08-06 | 6.1 Medium |
Secure Entry Server before 4.7.0 contains a URI Redirection vulnerability which could allow remote attackers to conduct phishing attacks due to HSP_AbsoluteRedirects being disabled by default. | ||||
CVE-2013-2621 | 1 Telaen Project | 1 Telaen | 2024-08-06 | 6.1 Medium |
Open Redirection Vulnerability in the redir.php script in Telaen before 1.3.1 allows remote attackers to redirect victims to arbitrary websites via a crafted URL. | ||||
CVE-2013-0594 | 1 Ibm | 1 Inotes | 2024-08-06 | N/A |
Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383. | ||||