映射到 CWE-601 的搜索结果 (54)

CVE-2015-6961(发布:2017-10-18 16:29:00)NM
CVSS5.8

[原文]Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout.

CVE-2015-7943(发布:2017-10-18 14:29:00)NMS
CVSS5.8

[原文]Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3233.

CVE-2017-8047(发布:2017-10-03 21:29:03)NM
CVSS5.8

[原文]In Cloud Foundry router routing-release all versions prior to v0.163.0 and cf-release all versions prior to v274, in some applications, it is possible to append a combination of characters to the URL that will allow for an open redirect. An attacker could exploit this as a phishing attack to gain access to user credentials or other sensitive data. NOTE: 274 resolves the vulnerability but has a serious bug that is fixed in 275.

CVE-2015-4668(发布:2017-09-25 13:29:00)NM
CVSS5.8

[原文]Open redirect vulnerability in Xsuite 2.3.0 and 2.4.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirurl parameter.

CVE-2015-5608(发布:2017-09-20 14:29:01)NM
CVSS5.8

[原文]Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1.

CVE-2015-3880(发布:2017-09-19 11:29:00)NMCS
CVSS5.8

[CNNVD]phpBB‘functions.php’开放重定向漏洞--phpBB是phpBB组开发的一套开源的且基于PHP语言的Web论坛软件。该软件具有支持多国语言、多种数据库和自定义版面设计等特点。 phpBB 3.0.14之前版本和3.1.4之前版本中存在开放重定向漏洞,该漏洞源于程序没有充分过滤用户提交的输入。攻击者可通过构造特制的URI并...

12345678下一页尾页 第1页 / 共9页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站