Total
1058 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-6154 | 2 Microsoft, Watchguard | 2 Windows, Fireware | 2019-08-26 | 5.8 MEDIUM | 6.1 MEDIUM |
| The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect). | |||||
| CVE-2017-18414 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 5.8 MEDIUM | 7.4 HIGH |
| cPanel before 67.9999.103 allows an open redirect in /unprotected/redirect.html (SEC-300). | |||||
| CVE-2016-10769 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 5.8 MEDIUM | 6.1 MEDIUM |
| cPanel before 60.0.25 allows an open redirect via /cgi-sys/FormMail-clone.cgi (SEC-162). | |||||
| CVE-2018-20929 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 5.8 MEDIUM | 6.1 MEDIUM |
| cPanel before 70.0.23 allows an open redirect via the /unprotected/redirect.html endpoint (SEC-392). | |||||
| CVE-2017-18441 | 1 Cpanel | 1 Cpanel | 2019-08-07 | 4.0 MEDIUM | 5.0 MEDIUM |
| cPanel before 64.0.21 allows demo accounts to redirect web traffic (SEC-245). | |||||
| CVE-2019-1020016 | 1 Ash-aio Project | 1 Ash-aio | 2019-08-01 | 5.8 MEDIUM | 6.1 MEDIUM |
| ASH-AIO before 2.0.0.3 allows an open redirect. | |||||
| CVE-2018-20867 | 1 Cpanel | 1 Cpanel | 2019-07-30 | 5.8 MEDIUM | 6.1 MEDIUM |
| cPanel before 76.0.8 has an open redirect when resetting connections (SEC-462). | |||||
| CVE-2019-14403 | 1 Cpanel | 1 Cpanel | 2019-07-30 | 4.3 MEDIUM | 4.3 MEDIUM |
| cPanel before 78.0.18 offers an open mail relay because of incorrect domain-redirect routing (SEC-483). | |||||
| CVE-2019-1010290 | 1 Cmsmadesimple | 1 Bable\ | 2019-07-19 | 5.8 MEDIUM | 6.1 MEDIUM |
| Babel: Multilingual site Babel All is affected by: Open Redirection. The impact is: Redirection to any URL, which is supplied to redirect.php in a "newurl" parameter. The component is: redirect.php. The attack vector is: The victim must open a link created by an attacker. Attacker may use any legitimate site using Babel to redirect user to a URL of his/her choosing. | |||||
| CVE-2019-1075 | 1 Microsoft | 1 Asp.net Core | 2019-07-19 | 5.8 MEDIUM | 6.1 MEDIUM |
| A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'. | |||||
| CVE-2019-10721 | 1 Dotnetblogengine | 1 Blogengine.net | 2019-07-10 | 5.8 MEDIUM | 6.1 MEDIUM |
| BlogEngine.NET 3.3.7.0 allows a Client Side URL Redirect via the ReturnUrl parameter, related to BlogEngine/BlogEngine.Core/Services/Security/Security.cs, login.aspx, and register.aspx. | |||||
| CVE-2019-5969 | 1 Weseek | 1 Growi | 2019-07-08 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in GROWI v3.4.6 and earlier allows remote attackersto redirect users to arbitrary web sites and conduct phishing attacks via the process of login. | |||||
| CVE-2018-12621 | 1 Eventum Project | 1 Eventum | 2019-07-08 | 5.8 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Eventum 3.5.0. /htdocs/switch.php has an Open Redirect via the current_page parameter. | |||||
| CVE-2019-5965 | 1 Joruri | 1 Joruri Mail | 2019-07-08 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in Joruri Mail 2.1.4 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
| CVE-2019-13175 | 1 Readthedocs | 1 Read The Docs | 2019-07-03 | 5.8 MEDIUM | 6.1 MEDIUM |
| Read the Docs before 3.5.1 has an Open Redirect if certain user-defined redirects are used. This affects private instances of Read the Docs (in addition to the public readthedocs.org web sites). | |||||
| CVE-2017-14394 | 1 Forgerock | 2 Access Management, Openam | 2019-06-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| OAuth 2.0 Authorization Server of ForgeRock Access Management (OpenAM) 13.5.0-13.5.1 and Access Management (AM) 5.0.0-5.1.1 does not correctly validate redirect_uri for some invalid requests, which allows attackers to perform phishing via an unvalidated redirect. | |||||
| CVE-2018-13384 | 1 Fortinet | 1 Fortios | 2019-06-05 | 5.8 MEDIUM | 6.1 MEDIUM |
| A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote attacker to potentially poison HTTP cache and subsequently redirect SSL VPN web portal users to arbitrary web domains. | |||||
| CVE-2017-5871 | 1 Odoo | 1 Odoo | 2019-05-23 | 5.8 MEDIUM | 5.4 MEDIUM |
| Odoo Version <= 8.0-20160726 and Version 9 is affected by: CWE-601: Open redirection. The impact is: obtain sensitive information (remote). | |||||
| CVE-2019-5946 | 1 Cybozu | 1 Garoon | 2019-05-20 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in Cybozu Garoon 4.2.4 to 4.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the Login Screen. | |||||
| CVE-2019-10117 | 1 Gitlab | 1 Gitlab | 2019-05-16 | 5.8 MEDIUM | 6.1 MEDIUM |
| An Open Redirect issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. A redirect is triggered after successful authentication within the Oauth/:GeoAuthController for the secondary Geo node. | |||||