15 matches found
CVE-2023-45202
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the feed.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL...
CVE-2024-54014
Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead the application to access an arbitrary web site via another application installed on the user's device...
CVE-2024-54014
CVE-2024-54014 affects the Skylark App for Android (≤ 6.2.13) and iOS (≤ 6.2.13). The issue is an improper authorization in the handler for the app’s Custom URL Scheme, which could cause the app to load an arbitrary web site via another application on the device. According to the sources, the vul...
CVE-2024-54014
Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead the application to access an arbitrary web site via another application installed on the user's device...
CVE-2023-45201 Online Examination System v1.0 - Multiple Open Redirects
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the admin.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL...
CVE-2023-41609
An open redirect vulnerability in the sanitizeurl parameter of CouchCMS v2.3 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL...
CVE-2022-43479
Open redirect vulnerability in SHIRASAGI v1.14.4 to v1.15.0 allows a remote unauthenticated attacker to redirect users to an arbitrary web site and conduct a phishing attack...
CVE-2017-9297
Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to redirect users to arbitrary web sites...
Design/Logic Flaw
Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message...
1830 Photonic Service Switch PSS-32/16/4 Cross Site Scripting
SWISSCOM CSIRT ADVISORY - http://www.swisscom.com/security CVE ID: CVE-2014-3809 Product: 1830 Photonic Service Switch PSS-32/16/4 Vendor: Alcatel-Lucent Subject: Reflected Cross-site Scripting - XSS Effect: Remotely exploitable Author: Stephan Rickauer stephan.rickauer at swisscom.com Date:...
OpenX Multiple Open Redirect Vulnerabilities
OpenX is prone to multiple open redirect vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openx:openx";...
CVE-2009-2841
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attacke...
CVE-2007-0921
Portal Search allows remote attackers to redirect a URL to an arbitrary web site by placing the URL in the query string to the top-level URI...
Design/Logic Flaw
Portal Search allows remote attackers to redirect a URL to an arbitrary web site by placing the URL in the query string to the top-level URI...
CVE-2003-1311
Technical details about CVE-2003-1311 are not publicly available in the provided connected documents. No concrete affected products, versions, root cause specifics, or remediation are present. Monitor for updates to obtain authoritative information.