Vulnerabilities > CVE-2014-9180 - Unspecified vulnerability in Eleanor-Cms Eleanor CMS

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

eleanor-cms

NVD

Published: 2014-12-02

Updated: 2014-12-03

Summary

Open redirect vulnerability in go.php in Eleanor CMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the QUERY_STRING. <a href="http://cwe.mitre.org/data/definitions/601.html" target="_blank">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>

Vulnerable Configurations

Part	Description	Count
Application	Eleanor-Cms Eleanor CMS Eleanor CMS -	1

References

http://packetstormsecurity.com/files/129087/Eleanor-CMS-Open-Redirect.html