Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2017-09-11 CVE-2015-5054 Open Redirect vulnerability in Ellucian Banner Student
Open redirect vulnerability in Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspecified parameter.
network
low complexity
ellucian CWE-601
6.1
6.1
2017-08-31 CVE-2017-1450 Open Redirect vulnerability in IBM Emptoris Sourcing
IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
6.1
2017-08-31 CVE-2017-1449 Open Redirect vulnerability in IBM Emptoris Sourcing
IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
5.4
5.4
2017-08-30 CVE-2017-14038 Open Redirect vulnerability in Crushftp
CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect vulnerability.
network
low complexity
crushftp CWE-601
6.1
6.1
2017-08-29 CVE-2017-1195 Open Redirect vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
6.1
2017-08-29 CVE-2017-1489 Open Redirect vulnerability in IBM products
IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability.
network
low complexity
ibm CWE-601
6.1
6.1
2017-08-11 CVE-2017-3085 Open Redirect vulnerability in multiple products
Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect.
network
low complexity
adobe redhat CWE-601
7.4
7.4
2017-08-09 CVE-2017-1448 Open Redirect vulnerability in IBM products
IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
5.4
5.4
2017-08-09 CVE-2016-8949 Open Redirect vulnerability in IBM products
IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
5.4
5.4
2017-08-02 CVE-2017-12138 Open Redirect vulnerability in Xoops 2.5.8
XOOPS Core 2.5.8 has a stored URL redirect bypass vulnerability in /modules/profile/index.php because of the URL filter.
network
low complexity
xoops CWE-601
6.1
6.1