Lucene search
K

28 matches found

CNNVD
CNNVD
added 2022/10/17 12:0 a.m.3 views

Phoenix framework 安全漏洞

Phoenix framework is Phoenix framework open source a functional programming language Elixir written in the Web development framework. A security vulnerability exists in Phoenix framework versions prior to 1.6.14, which stems from its socket/transport.ex incorrectly handling the checkorigin wildca...

7.5CVSS7.2AI score0.0052EPSS
Exploits0References2
CNVD
CNVD
added 2017/11/22 12:0 a.m.5 views

Phoenix Framework Redirection Vulnerability

Phoenix Framework is a set of resource management and testing as one of the Web automation testing framework . The framework supports unscripted execution , unattended execution and free customization and other execution modes . A redirection vulnerability exists in Phoenix Framework. An attacker...

6.1CVSS7AI score0.0206EPSS
Exploits0References1
Prion
Prion
added 2017/11/17 9:29 p.m.12 views

Design/Logic Flaw

The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks...

5.8CVSS6.2AI score0.0206EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/11/17 9:29 p.m.15 views

CVE-2017-1000163

The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks...

6.1CVSS6.2AI score0.0206EPSS
Exploits0References1
OSV
OSV
added 2017/11/17 9:29 p.m.17 views

CVE-2017-1000163

The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks...

6.1CVSS6.8AI score
Exploits0References1
Cvelist
Cvelist
added 2017/11/17 9:0 p.m.22 views

CVE-2017-1000163

The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks...

6.2AI score0.0206EPSS
Exploits0References1
CVE
CVE
added 2017/11/17 9:0 p.m.86 views

CVE-2017-1000163

The connected Nuclei template confirms a concrete open redirect vulnerability in Phoenix Framework versions 1.0.0–1.0.4, 1.1.0–1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0. The issue stems from unvalidated URL redirection, enabling phishing/social-engineering via crafted links. Impact is an attacker crafti...

6.1CVSS6.1AI score0.0206EPSS
Exploits0References1Affected Software1
Kitploit
Kitploit
added 2017/08/29 2:30 p.m.20 views

Sobelow - Security-Focused Static Analysis for the Phoenix Framework

Sobelow is a security-focused static analysis tool for the Phoenix framework. For security researchers, it is a useful tool for getting a quick view of points-of-interest. For project maintainers, it can be used to prevent introducing a number of common vulnerabilities. Currently Sobelow detects...

8.1AI score
Exploits0References1
Rows per page
Query Builder