CVE-2014-9343
Published on: 12/08/2014 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:26:00 PM UTC
Certain versions of Snowfox Content Management System from Globiz Solutions contain the following vulnerability:
Open redirect vulnerability in modules/system/controller/selectlanguage.class.php in Snowfox CMS 1.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the rd parameter in a submit action to snowfox/.
- CVE-2014-9343 has been assigned by
[email protected] to track the vulnerability
CVSS2 Score: 5.8 - MEDIUM
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | MEDIUM | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
PARTIAL | PARTIAL | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
No Description Provided | osvdb.org Inactive LinkNot Archived |
![]() |
Zero Science Lab » Snowfox CMS v1.0 (rd param) Open Redirect Vulnerability | Exploit www.zeroscience.mk text/html |
![]() |
Snowfox CMS 1.0 Open Redirect ≈ Packet Storm | packetstormsecurity.com text/html |
![]() |
Patch to stop possible open redirect forgery · 55a8e44 · GlobizSolutions/snowfox · GitHub | Exploit web.archive.org text/html Inactive LinkNot Archived |
![]() |
IBM X-Force Exchange | exchange.xforce.ibmcloud.com text/html |
![]() |
Releases · GlobizSolutions/snowfox · GitHub | web.archive.org text/html Inactive LinkNot Archived |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Globiz Solutions | Snowfox Content Management System | 1.0 | All | All | All |
Application | Globiz Solutions | Snowfox Content Management System | 1.0 | All | All | All |
- cpe:2.3:a:globiz_solutions:snowfox_content_management_system:1.0:*:*:*:*:*:*:*:
- cpe:2.3:a:globiz_solutions:snowfox_content_management_system:1.0:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE