Lucene search
MitreCVE-2014-8305HistoryOct 16, 2014 - 7:55 p.m.
CVE-2014-8305
2014-10-1619:55:17
mitre
web.nvd.nist.gov
24
cve-2014-8305
open redirect vulnerability
c97net cart engine
security vulnerability
phishing attack
web security
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
6.9
Confidence
Low
EPSS
0.003
Percentile
68.2%
Open redirect vulnerability in the redir function in includes/function.php in C97net Cart Engine before 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header to (1) index.php, (2) cart.php, (3) msg.php, or (4) page.php.
Affected configurations
Node
c97cart_engineRange≤3.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| c97 | cart_engine | * | cpe:2.3:a:c97:cart_engine:*:*:*:*:*:*:*:* |
Related
prion
prion
Open redirect
2014-10-16 19:55:00
dsquare
dsquare
Cart Engine 3.0 SQL Injection
2014-11-01 00:00:00
cvelist
cvelist
CVE-2014-8305
2014-10-16 19:00:00
nvd
nvd
CVE-2014-8305
2014-10-16 19:55:17
exploitdb
exploitdb
Cart Engine 3.0 - Multiple Vulnerabilities
2014-09-25 00:00:00
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
6.9
Confidence
Low
EPSS
0.003
Percentile
68.2%
Related for CVE-2014-8305