Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2021-07-02 CVE-2020-23182 Open Redirect vulnerability in PHP-Fusion 9.03.60
The component /php-fusion/infusions/shoutbox_panel/shoutbox_archive.php in PHP-Fusion 9.03.60 allows attackers to redirect victim users to malicious websites via a crafted payload entered into the Shoutbox message panel.
network
low complexity
php-fusion CWE-601
5.4
5.4
2021-06-29 CVE-2021-32721 Open Redirect vulnerability in Powermux Project Powermux 1.0.0/1.1.0
PowerMux is a drop-in replacement for Go's http.ServeMux.
network
low complexity
powermux-project CWE-601
6.1
6.1
2021-06-29 CVE-2021-20105 Open Redirect vulnerability in Machform
Machform prior to version 16 is vulnerable to an open redirect in Safari_init.php due to an improperly sanitized 'ref' parameter.
network
low complexity
machform CWE-601
6.1
6.1
2021-06-28 CVE-2021-34254 Open Redirect vulnerability in Umbraco CMS
Umbraco CMS before 7.15.7 is vulnerable to Open Redirection due to insufficient url sanitization on booting.aspx.
network
low complexity
umbraco CWE-601
6.1
6.1
2021-06-24 CVE-2021-25655 Open Redirect vulnerability in Avaya Aura Experience Portal 7.1/8.0.0
A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack.
network
low complexity
avaya CWE-601
6.1
6.1
2021-06-23 CVE-2020-18660 Open Redirect vulnerability in Get-Simple Getsimplecms
GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php via the redirect function to the url parameter.
network
low complexity
get-simple CWE-601
6.1
6.1
2021-06-22 CVE-2021-35206 Open Redirect vulnerability in Gitpod
Gitpod before 0.6.0 allows unvalidated redirects.
network
low complexity
gitpod CWE-601
6.1
6.1
2021-06-11 CVE-2021-22903 Open Redirect vulnerability in Rubyonrails Rails
The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability.
network
low complexity
rubyonrails CWE-601
6.1
6.1
2021-06-11 CVE-2021-23393 Open Redirect vulnerability in Flask Unchained Project Flask Unchained
This affects the package Flask-Unchained before 0.9.0.
network
low complexity
flask-unchained-project CWE-601
5.4
5.4
2021-06-07 CVE-2020-18268 Open Redirect vulnerability in Zblogcn Z-Blogphp
Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers to obtain sensitive information via the "redirect" parameter in the component "zb_system/cmd.php."
network
low complexity
zblogcn CWE-601
6.1
6.1