Total
1484 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-46750 | 1 Apache | 1 Shiro | 2026-06-17 | N/A | 6.1 MEDIUM |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+. | |||||
| CVE-2023-46688 | 1 Pleasanter | 1 Pleasanter | 2026-06-17 | N/A | 6.1 MEDIUM |
| Open redirect vulnerability in Pleasanter 1.3.47.0 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. | |||||
| CVE-2023-46624 | 1 Parcelpro | 1 Parcel Pro | 2026-06-17 | N/A | 4.7 MEDIUM |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Parcel Pro.This issue affects Parcel Pro: from n/a through 1.6.11. | |||||
| CVE-2023-45909 | 1 Zzzcms | 1 Zzzphp | 2026-06-17 | N/A | 6.1 MEDIUM |
| zzzcms v2.2.0 was discovered to contain an open redirect vulnerability. | |||||
| CVE-2023-45762 | 1 Michaeluno | 1 Responsive Column Widgets | 2026-06-17 | N/A | 4.7 MEDIUM |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Michael Uno (miunosoft) Responsive Column Widgets.This issue affects Responsive Column Widgets: from n/a through 1.2.7. | |||||
| CVE-2023-45203 | 1 Projectworlds | 1 Online Examination System | 2026-06-17 | N/A | 6.1 MEDIUM |
| Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the login.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. | |||||
| CVE-2023-45202 | 1 Projectworlds | 1 Online Examination System | 2026-06-17 | N/A | 6.1 MEDIUM |
| Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the feed.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. | |||||
| CVE-2023-45201 | 1 Projectworlds | 1 Online Examination System | 2026-06-17 | N/A | 6.1 MEDIUM |
| Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the admin.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. | |||||
| CVE-2023-45105 | 1 Servit | 1 Affiliate-toolkit | 2026-06-17 | N/A | 4.7 MEDIUM |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SERVIT Software Solutions affiliate-toolkit – WordPress Affiliate Plugin.This issue affects affiliate-toolkit – WordPress Affiliate Plugin: from n/a through 3.3.9. | |||||
| CVE-2023-42502 | 1 Apache | 1 Superset | 2026-06-17 | N/A | 4.8 MEDIUM |
| An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0. | |||||
| CVE-2023-41699 | 1 Payara | 1 Payara | 2026-06-17 | N/A | 6.1 MEDIUM |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server, Micro and Embedded (Servlet Implementation modules) allows Redirect Access to Libraries.This issue affects Payara Server, Micro and Embedded: from 5.0.0 before 5.57.0, from 4.1.2.191 before 4.1.2.191.46, from 6.0.0 before 6.8.0, from 6.2023.1 before 6.2023.11. | |||||
| CVE-2023-41648 | 1 Swapnilpatil | 1 Login And Logout Redirect | 2026-06-17 | N/A | 4.7 MEDIUM |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Swapnil V. Patil Login and Logout Redirect.This issue affects Login and Logout Redirect: from n/a through 2.0.3. | |||||
| CVE-2023-41609 | 1 Couchcms | 1 Couchcms | 2026-06-17 | N/A | 6.1 MEDIUM |
| An open redirect vulnerability in the sanitize_url() parameter of CouchCMS v2.3 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL. | |||||
| CVE-2023-41080 | 2 Apache, Debian | 2 Tomcat, Debian Linux | 2026-06-17 | N/A | 6.1 MEDIUM |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may also be affected. The vulnerability is limited to the ROOT (default) web application. | |||||
| CVE-2023-40779 | 1 Icewarp | 1 Deep Castle G2 | 2026-06-17 | N/A | 6.1 MEDIUM |
| An issue in IceWarp Mail Server Deep Castle 2 v.13.0.1.2 allows a remote attacker to execute arbitrary code via a crafted request to the URL. | |||||
| CVE-2023-40602 | 1 Doofinder | 1 Doofinder | 2026-06-17 | N/A | 4.7 MEDIUM |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Doofinder Doofinder WP & WooCommerce Search.This issue affects Doofinder WP & WooCommerce Search: from n/a through 1.5.49. | |||||
| CVE-2023-40306 | 1 Sap | 1 S\/4hana | 2026-06-17 | N/A | 6.1 MEDIUM |
| SAP S/4HANA Manage Catalog Items and Cross-Catalog searches Fiori apps allow an attacker to redirect users to a malicious site due to insufficient URL validation. As a result, it may have a slight impact on confidentiality and integrity. | |||||
| CVE-2023-3922 | 1 Gitlab | 1 Gitlab | 2026-06-17 | N/A | 3.0 LOW |
| An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious page. | |||||
| CVE-2023-3771 | 1 T1 Project | 1 T1 | 2026-06-17 | N/A | 6.1 MEDIUM |
| The T1 WordPress theme through 19.0 is vulnerable to unauthenticated open redirect with which any attacker and redirect users to arbitrary websites. | |||||
| CVE-2023-3684 | 1 Livelyworks | 1 Articart | 2026-06-17 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was found in LivelyWorks Articart 2.0.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /change-language/de_DE of the component Base64 Encoding Handler. The manipulation of the argument redirectTo leads to open redirect. The attack may be launched remotely. VDB-234230 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||