Total
1050 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-9617 | 1 Netsweeper | 1 Netsweeper | 2024-08-06 | 6.1 Medium |
| Open redirect vulnerability in remotereporter/load_logfiles.php in Netsweeper before 4.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. | ||||
| CVE-2014-3652 | 1 Redhat | 1 Keycloak | 2024-08-06 | 6.1 Medium |
| JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL. | ||||
| CVE-2014-2213 | 1 Posh Project | 1 Posh | 2024-08-06 | 6.1 Medium |
| Open redirect vulnerability in the password reset functionality in POSH 3.0 through 3.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to portal/scr_sendmd5.php. | ||||
| CVE-2015-10052 | 1 Gibb-modul-151 Project | 1 Gibb-modul-151 | 2024-08-06 | 4.6 Medium |
| ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in calesanz gibb-modul-151. This affects the function bearbeiten/login. The manipulation leads to open redirect. It is possible to initiate the attack remotely. The patch is named 88a517dc19443081210c804b655e72770727540d. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218379. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2015-10104 | 1 Woocommerce | 1 Icons For Features | 2024-08-06 | 3.5 Low |
| A vulnerability, which was classified as problematic, has been found in Icons for Features Plugin 1.0.0 on WordPress. Affected by this issue is some unknown functionality of the file classes/class-icons-for-features-admin.php. The manipulation of the argument redirect_url leads to open redirect. The attack may be launched remotely. Upgrading to version 1.0.1 is able to address this issue. The name of the patch is 63124c021ae24b68e56872530df26eb4268ad633. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-227756. | ||||
| CVE-2015-10115 | 1 Woocommerce | 1 Sidebar Manager To Woosidebars Converter | 2024-08-06 | 4.3 Medium |
| A vulnerability, which was classified as problematic, was found in WooSidebars Sidebar Manager Converter Plugin up to 1.1.1 on WordPress. This affects the function process_request of the file classes/class-woosidebars-sbm-converter.php. The manipulation leads to open redirect. It is possible to initiate the attack remotely. Upgrading to version 1.1.2 is able to address this issue. The patch is named a0efb4ffb9dfe2925b889c1aa5ea40b4abbbda8a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230655. | ||||
| CVE-2015-10113 | 1 Woocommerce | 1 Wooframework Tweaks | 2024-08-06 | 3.5 Low |
| A vulnerability classified as problematic was found in WooFramework Tweaks Plugin up to 1.0.1 on WordPress. Affected by this vulnerability is the function admin_screen_logic of the file wooframework-tweaks.php. The manipulation of the argument url leads to open redirect. The attack can be launched remotely. Upgrading to version 1.0.2 is able to address this issue. The identifier of the patch is 3b57d405149c1a59d1119da6e0bb8212732c9c88. It is recommended to upgrade the affected component. The identifier VDB-230653 was assigned to this vulnerability. | ||||
| CVE-2015-10102 | 1 Freshworks | 1 Freshdesk | 2024-08-06 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in Freshdesk Plugin 1.7 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to open redirect. The attack may be launched remotely. Upgrading to version 1.8 is able to address this issue. The patch is identified as 2aaecd4e0c7c6c1dc4e6a593163d5f7aa0fa5d5b. It is recommended to upgrade the affected component. VDB-226118 is the identifier assigned to this vulnerability. | ||||
| CVE-2015-10114 | 1 Woocommerce | 1 Woosidebars | 2024-08-06 | 4.3 Medium |
| A vulnerability, which was classified as problematic, has been found in WooSidebars Plugin up to 1.4.1 on WordPress. Affected by this issue is the function enable_custom_post_sidebars of the file classes/class-woo-sidebars.php. The manipulation of the argument sendback leads to open redirect. The attack may be launched remotely. Upgrading to version 1.4.2 is able to address this issue. The patch is identified as 1ac6d6ac26e185673f95fc1ccc56a392169ba601. It is recommended to upgrade the affected component. VDB-230654 is the identifier assigned to this vulnerability. | ||||
| CVE-2015-10112 | 1 Woocommerce | 1 Wooframework Branding | 2024-08-06 | 4.3 Medium |
| A vulnerability classified as problematic has been found in WooFramework Branding Plugin up to 1.0.1 on WordPress. Affected is the function admin_screen_logic of the file wooframework-branding.php. The manipulation of the argument url leads to open redirect. It is possible to launch the attack remotely. Upgrading to version 1.0.2 is able to address this issue. The name of the patch is f12fccd7b5eaf66442346f748c901ef504742f78. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-230652. | ||||
| CVE-2015-9540 | 1 Chamilo | 1 Chamilo Lms | 2024-08-06 | 6.1 Medium |
| Chamilo LMS through 1.9.10.2 allows a link_goto.php?link_url= open redirect, a related issue to CVE-2015-5503. | ||||
| CVE-2015-9058 | 1 Proxmox | 1 Proxmox Mail Gateway | 2024-08-06 | N/A |
| Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter. | ||||
| CVE-2015-8094 | 1 Cloudera | 1 Hue | 2024-08-06 | N/A |
| Open redirect vulnerability in Cloudera HUE before 3.10.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter. | ||||
| CVE-2015-7943 | 3 Drupal, Jquery Update Project, Labjs Project | 3 Drupal, Jquery Update, Labjs | 2024-08-06 | N/A |
| Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3233. | ||||
| CVE-2015-6961 | 1 Web2py | 1 Web2py | 2024-08-06 | N/A |
| Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout. | ||||
| CVE-2015-6501 | 1 Puppet | 1 Puppet Enterprise | 2024-08-06 | N/A |
| Open redirect vulnerability in the Console in Puppet Enterprise before 2015.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the string parameter. | ||||
| CVE-2015-5608 | 1 Joomla | 1 Joomla\! | 2024-08-06 | N/A |
| Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1. | ||||
| CVE-2015-5354 | 1 Novius-os | 1 Novius Os | 2024-08-06 | N/A |
| Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/login. | ||||
| CVE-2015-5241 | 1 Apache | 1 Juddi | 2024-08-06 | N/A |
| After logging into the portal, the logout jsp page redirects the browser back to the login page after. It is feasible for malicious users to redirect the browser to an unintended web page in Apache jUDDI 3.1.2, 3.1.3, 3.1.4, and 3.1.5 when utilizing the portlets based user interface also known as 'Pluto', 'jUDDI Portal', 'UDDI Portal' or 'uddi-console'. User session data, credentials, and auth tokens are cleared before the redirect. | ||||
| CVE-2015-5054 | 1 Ellucian | 1 Banner Student | 2024-08-06 | N/A |
| Open redirect vulnerability in Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspecified parameter. | ||||