Vulnerabilities > CVE-2014-8754 - Unspecified vulnerability in Ad-Manager Project Ad-Manager 1.1.2

CVSS 5.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

ad-manager-project

NVD

Published: 2014-12-02

Updated: 2017-09-08

Summary

Open redirect vulnerability in track-click.php in the Ad-Manager plugin 1.1.2 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the out parameter. <a href="http://cwe.mitre.org/data/definitions/601.html" target="_blank">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>

Vulnerable Configurations

Part	Description	Count
Application	Ad-Manager_Project AD Manager Project AD Manager 1.1.2	1

Packetstorm

data source	https://packetstormsecurity.com/files/download/129290/wpadmanager-redirect.txt
id	PACKETSTORM:129290
last seen	2016-12-05
published	2014-11-27
reporter	Jing Wang
source	https://packetstormsecurity.com/files/129290/WordPress-Ad-Manager-1.1.2-Open-Redirect.html
title	WordPress Ad-Manager 1.1.2 Open Redirect

Summary

Vulnerable Configurations

Packetstorm

References