[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2012-4032

Date: (C)2012-07-17   (M)2017-08-29
 
CVSS Score: 5.8Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 4.9Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: NONE











Open redirect vulnerability in the login page in WebsitePanel before 1.2.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in ReturnUrl to Default.aspx.

Reference:
SECUNIA-49813
BID-54346
OSVDB-83689
http://packetstormsecurity.org/files/114541/WebsitePanel-CMS-Open-Redirect.html
http://websitepanel.codeplex.com/workitem/224
websitepanel-returnurl-open-redirect(76803)

CPE    7
cpe:/a:websitepanel:websitepanel:1.0.0
cpe:/a:websitepanel:websitepanel:1.2.1
cpe:/a:websitepanel:websitepanel:1.1.2
cpe:/a:websitepanel:websitepanel:1.2.0
...
CWE    1
CWE-20

© 2013 SecPod Technologies