Lucene search
K

177 matches found

CVE
CVE
added 2023/03/05 12:0 a.m.82 views

CVE-2023-22432

Web2py contains an open redirect vulnerability in versions prior to 2.23.1. The flaw allows an attacker to redirect users to an arbitrary site via a crafted URL (e.g., manipulating a send parameter in the admin page), enabling phishing. Affected product: web2py (prior to 2.23.1). Root cause: open...

6.1CVSS6AI score0.02382EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/05 12:0 a.m.6 views

CVE-2023-22432

Open redirect vulnerability exists in web2py versions prior to 2.23.1. When using the tool, a web2py user may be redirected to an arbitrary website by accessing a specially crafted URL. As a result, the user may become a victim of a phishing attack...

6.4AI score0.02382EPSS
Exploits1References3
Veracode
Veracode
added 2023/03/02 9:55 a.m.17 views

Open Redirect

web2py is vulnerable to Open Redirect. A remote attacker is able to redirect the user to an arbitrary website by providing a specially crafted URL, which can result in a phishing attack...

6.1CVSS6.2AI score0.02382EPSS
Exploits1References6Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/02/28 6:0 a.m.4 views

web2py development tool vulnerable to open redirect

Overview The admin development tool included in the web2py source code contains an open redirect vulnerability CWE-601. According to the developer, they do not recommend using the tool in operational environment or disclosing it on the Internet. Takuto Yoshikai of Aeye Security Lab reported this...

6.1CVSS6.8AI score0.02382EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/02/28 12:0 a.m.4 views

web2py 输入验证错误漏洞

web2py is web2py open source a free and open source full stack enterprise framework. Used for agile development of secure database-driven Web-based applications . A security vulnerability exists in web2py versions prior to 2.23.1 that stems from the presence of an open redirection vulnerability,...

6.1CVSS5.8AI score0.02382EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/02/28 12:0 a.m.28 views

JVN#78253670: web2py development tool vulnerable to open redirect

The admin development tool included in the web2py source code contains an open redirect vulnerability CWE-601. According to the developer, they do not recommend using the tool in operational environment or disclosing it on the Internet. Impact When using the tool, a web2py user may be redirected ...

6.1CVSS6.2AI score0.02382EPSS
Exploits1
OSV
OSV
added 2022/06/28 12:1 a.m.16 views

GHSA-CGRJ-XJM7-9Q27 Open redirect in web2py

Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...

6.1CVSS6.1AI score0.01443EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2022/06/28 12:1 a.m.22 views

Open redirect in web2py

Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...

6.1CVSS6.1AI score0.01443EPSS
Exploits1References6Affected Software1
Veracode
Veracode
added 2022/06/27 7:12 p.m.20 views

Open Redirect

web2py is vulnerable to open redirect. The vulnerability exists due to a lack of sanitization allowing an attacker to redirect url's to an attacker controlled site...

6.1CVSS6.1AI score0.01443EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/06/27 1:15 a.m.22 views

CVE-2022-33146

Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...

6.1CVSS6.2AI score
Exploits0References4
NVD
NVD
added 2022/06/27 1:15 a.m.31 views

CVE-2022-33146

Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...

6.1CVSS0.01443EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2022/06/27 1:15 a.m.34 views

CVE-2022-33146

Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...

6.1CVSS6.2AI score0.01443EPSS
Exploits1References1
Prion
Prion
added 2022/06/27 1:15 a.m.10 views

Open redirect

Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...

5.8CVSS6.1AI score0.01443EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/06/27 1:15 a.m.1 views

UBUNTU-CVE-2022-33146

Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...

6.1CVSS5.8AI score0.01443EPSS
Exploits1References2
CVE
CVE
added 2022/06/27 12:20 a.m.95 views

CVE-2022-33146

CVE-2022-33146 describes an open redirect vulnerability in web2py versions prior to 2.22.5. The issue allows a remote attacker to redirect a user to an arbitrary site and facilitate phishing by triggering a specially crafted URL. Affected software is web2py (versions

6.1CVSS6AI score0.01443EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2022/06/27 12:20 a.m.29 views

CVE-2022-33146

Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...

6.3AI score0.01443EPSS
Exploits1References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/06/23 5:21 a.m.4 views

web2py vulnerable to open redirect

Overview web2py contains an open redirect vulnerability CWE-601. Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact When accessing a specially crafted URL, t...

6.1CVSS6.6AI score0.01443EPSS
Exploits1References7
CNNVD
CNNVD
added 2022/06/23 12:0 a.m.7 views

web2py 输入验证错误漏洞

web2py is web2py open source a free and open source full stack enterprise framework. Used for agile development of secure database-driven Web-based applications. A security vulnerability exists in web2py. No information about this vulnerability is available at this time, please stay tuned to CNNV...

6.1CVSS5.7AI score0.01443EPSS
Exploits1References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/06/23 12:0 a.m.32 views

JVN#02158640: web2py vulnerable to open redirect

web2py contains an open redirect vulnerability CWE-601. Impact When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Update the Software Update the software to the latest version accordi...

6.1CVSS6.1AI score0.01443EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2022/05/17 3:5 a.m.12 views

Web2py Reflected XSS vulnerability

Web2py versions 2.14.5 and below was affected by Reflected XSS vulnerability, which allows an attacker to perform an XSS attack on logged in user admin...

4.8CVSS5.7AI score0.0228EPSS
Exploits5References4Affected Software1
Rows per page
Query Builder