Description

Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the xoops_redirect parameter.

Remediation

References

CVE-2008-0613

Related Vulnerabilities

WordPress Plugin ReFlex Gallery 'php.php' Arbitrary File Upload (1.4.6)

WordPress Plugin Wufoo Shortcode Cross-Site Scripting (1.51)

OpenVPN AS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2022-33738)

Oracle JRE CVE-2013-5775 Vulnerability (CVE-2013-5775)

ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9042)

Severity

Medium

Classification

CVE-2008-0613 CWE-59

Tags

Missing Update Known Vulnerabilities