Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability.
A vulnerability was found in GLPI up to 10.0.17. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argumen
SPIP before 4.4.5 and 4.3.9 allows an Open Redirect via the login form when used in AJAX mode. An attacker can craft a malicious URL that, when visited by a victim, redirects them to an arbitrary exte
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An attacker c
CVE-2024-7954
CRITICAL CVSS 9.8
Find Similar
The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP a
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in aviplugins.com Login Widget With Shortcode login-sidebar-widget allows Phishing.This issue affects Login Widget With Shortcode: fro
An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the insufficient URL parameter verification in bbs/logout.php.
An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the bbs/member_confirm.php.
A vulnerability has been found in Apereo CAS 6.6 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login. The manipulation of the argument redirect
There is an Open Redirect vulnerability in Gnuboard v6.0.4 and below via the `url` parameter in login path.
A vulnerability was found in code-projects Online Lot Reservation System up to 1.0. This affects the function readfile of the file /download.php. The manipulation of the argument File results in path
A vulnerability was detected in pmTicket Project-Management-Software up to 2ef379da2075f4761a2c9029cf91d073474e7486. The affected element is the function loadLanguage of the file classes/class.databas
SPIP before 4.4.8 contains a stored cross-site scripting (XSS) vulnerability in the public area triggered in certain edge-case usage patterns. The echapper_html_suspect() function does not adequately
A vulnerability was detected in MaxSite CMS up to 109.3. This affects an unknown part of the component Redirect Plugin. The manipulation of the argument f_all/f_all404 results in cross site scripting.
A vulnerability was determined in OpenCart 4.1.0.3. This affects an unknown part of the file installer.php of the component Extension Installer Page. Executing a manipulation can lead to path traversa
An Open Redirect vulnerability in Taiga v6.8.1 allows attackers to redirect users to arbitrary websites via appending a crafted link to /login?next= in the login page URL.
The Advanced Advertising System plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.3.1. This is due to insufficient validation on the redirect url supplied via
A cross-site scripting (XSS) vulnerability in the Article module of SPIP v4.3.3 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title p
A stored cross-site scripting (XSS) vulnerability was discovered in phpipam/phpipam version 1.5.2. This vulnerability allows an attacker to inject malicious scripts into the destination address field
Plane is open-source project management software. Prior to version 1.1.0, an open redirect vulnerability in the ?next_path query parameter allows attackers to supply arbitrary schemes (e.g., javascrip
Page 1+ Next →