ReportizFlow
Filtered by vendor
Subscriptions
Total
1478 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-1449 | 1 Ibm | 1 Emptoris Sourcing | 2025-04-20 | N/A |
| IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 128174. | ||||
| CVE-2017-1489 | 1 Ibm | 6 Security Access Manager, Security Access Manager For Mobile, Security Access Manager For Web and 3 more | 2025-04-20 | N/A |
| IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687. | ||||
| CVE-2015-6961 | 1 Web2py | 1 Web2py | 2025-04-20 | N/A |
| Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout. | ||||
| CVE-2017-14524 | 1 Opentext | 2 Documentum Administrator, Documentum Webtop | 2025-04-20 | N/A |
| Multiple open redirect vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded horizontal tab slash) followed by a domain in the redirectUrl parameter to xda/component/virtuallinkconnect. | ||||
| CVE-2017-14525 | 1 Opentext | 2 Documentum Administrator, Documentum Webtop | 2025-04-20 | N/A |
| Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded horizontal tab slash) followed by a domain in the redirectUrl parameter to xda/component/virtuallinkconnect. | ||||
| CVE-2015-5608 | 1 Joomla | 1 Joomla\! | 2025-04-20 | N/A |
| Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1. | ||||
| CVE-2017-1450 | 1 Ibm | 1 Emptoris Sourcing | 2025-04-20 | N/A |
| IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 128177. | ||||
| CVE-2015-5241 | 1 Apache | 1 Juddi | 2025-04-20 | N/A |
| After logging into the portal, the logout jsp page redirects the browser back to the login page after. It is feasible for malicious users to redirect the browser to an unintended web page in Apache jUDDI 3.1.2, 3.1.3, 3.1.4, and 3.1.5 when utilizing the portlets based user interface also known as 'Pluto', 'jUDDI Portal', 'UDDI Portal' or 'uddi-console'. User session data, credentials, and auth tokens are cleared before the redirect. | ||||
| CVE-2017-6670 | 1 Cisco | 1 Unified Communications Domain Manager | 2025-04-20 | N/A |
| A vulnerability in the web-based GUI of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect issue. More Information: CSCvc54813. Known Affected Releases: 8.1(7)ER1. | ||||
| CVE-2017-1398 | 1 Ibm | 1 Websphere Commerce | 2025-04-20 | N/A |
| IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 6.0, 7.0, and 8.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 127385. | ||||
| CVE-2016-8961 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2025-04-20 | N/A |
| IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. | ||||
| CVE-2016-4334 | 1 Jivesoftware | 1 Jive | 2025-04-20 | 6.1 Medium |
| Jive before 2016.3.1 has an open redirect from the external-link.jspa page. | ||||
| CVE-2017-1287 | 1 Ibm | 1 Rhapsody Design Manager | 2025-04-20 | N/A |
| IBM Rhapsody DM 5.0 and 6.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. | ||||
| CVE-2016-9099 | 1 Broadcom | 2 Advanced Secure Gateway, Symantec Proxysg | 2025-04-20 | N/A |
| Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to redirect the target user to a malicious web site. | ||||
| CVE-2017-5474 | 1 S9y | 1 Serendipity | 2025-04-20 | N/A |
| Open redirect vulnerability in comment.php in Serendipity through 2.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header. | ||||
| CVE-2017-1156 | 1 Ibm | 1 Websphere Portal | 2025-04-20 | N/A |
| IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force. ID: 122592 | ||||
| CVE-2017-12344 | 1 Cisco | 1 Data Center Network Manager | 2025-04-20 | N/A |
| Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. Cisco Bug IDs: CSCvf40477, CSCvf63150, CSCvf68218, CSCvf68235, CSCvf68247. | ||||
| CVE-2016-8953 | 1 Ibm | 1 Emptoris Sourcing | 2025-04-20 | N/A |
| IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 118840. | ||||
| CVE-2017-16761 | 1 Inedo | 1 Buildmaster | 2025-04-20 | N/A |
| An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allows remote attackers to redirect users to arbitrary web sites. | ||||
| CVE-2016-8949 | 1 Ibm | 2 Emptoris Strategic Supply Management, Emptoris Supplier Lifecycle Management | 2025-04-20 | N/A |
| IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 118836. | ||||