• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-601

CVE-2018-10678

February 26, 2023 by

MyBB 1.8.15, when accessed with Microsoft Edge, mishandles ‘target=”_blank” rel=”noopener”‘ in A elements, which makes it easier for remote attackers to conduct redirection attacks.

CVE-2018-10100

February 26, 2023 by

Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS.

CVE-2018-10101

February 26, 2023 by

Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server.

CVE-2018-1002102

February 26, 2023 by

Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. Impacted API servers will follow the redirect as a GET request with client-certificate credentials for authenticating to the Kubelet.

CVE-2018-1000671

February 26, 2023 by

sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability in The “referer” parameter of the wwsympa.fcgi login action. that can result in Open redirection and reflected XSS via data URIs. This attack appear to be exploitable via Victim’s browser must follow a URL supplied by the attacker. This vulnerability appears to have been fixed in none available.

CVE-2018-1000504

February 26, 2023 by

Redirection version 2.7.3 contains a ACE via file inclusion vulnerability in Pass-through mode that can result in allows admins to execute any PHP file in the filesystem. This attack appear to be exploitable via Attacker must be have access to an admin account on the target site. This vulnerability appears to have been fixed in 2.8.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 11
  • Go to page 12
  • Go to page 13
  • Go to page 14
  • Go to page 15
  • Interim pages omitted …
  • Go to page 92
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE