CVE-2014-2230

🗓️ 23 Oct 2014 14:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov👁 48 Views🌐 WEB

Open redirect vulnerability in OpenX 2.8.10 & earlier allows remote attackers to conduct phishing attacks

Reporter	Title	Published	Views	Family All 7
Tenable Nessus	OpenX < 2.8.11 Redirect Vulnerability	16 Oct 201400:00	–	nessus
Cvelist	CVE-2014-2230	23 Oct 201414:00	–	cvelist
EUVD	EUVD-2014-2270	7 Oct 202500:30	–	euvd
NVD	CVE-2014-2230	23 Oct 201414:55	–	nvd
OpenVAS	OpenX Multiple Open Redirect Vulnerabilities	5 Nov 201400:00	–	openvas
Packet Storm	OpenX 2.8.10 Open Redirect	16 Oct 201400:00	–	packetstorm
Prion	Open redirect	23 Oct 201414:55	–	prion

NVD

Node

openx openxRange≤2.8.10

openx openxMatch2.8.1

openx openxMatch2.8.2

openx openxMatch2.8.3

openx openxMatch2.8.4

openx openxMatch2.8.5

openx openxMatch2.8.6

openx openxMatch2.8.7

openx openxMatch2.8.8

openx openxMatch2.8.9

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/128718/OpenX-2.8.10-Open-Redirect.html
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/97621
tetraph	www.tetraph.com/blog/cves/cve-2014-2230-openx-open-redirect-vulnerability-2
seclists	www.seclists.org/fulldisclosure/2014/Oct/72

Parameter	Position	Path	Description	CWE
dest	query param	adclick.php	Open redirect via dest parameter in adclick.php (MAX_redirect called with unchecked URL)	CWE-601
_maxdest	query param	ck.php	Open redirect via _maxdest parameter in ck.php (indirectly via adclick.php)	CWE-601

06 May 2026 22:30Current

6.9Medium risk

Vulners AI Score6.9

CVSS 25.8

EPSS0.00359