Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 22 May 2015 22:42:52 +0800
From: Jing Wang <justqdjing@...il.com>
To: oss-security@...ts.openwall.com
Subject: Innovative WebPAC Pro 2.0 Open Redirect Web Security Vulnerabilities
 - CVE Request

Hello,

Could you assign a CVE reference ID for the following vulnerability?
Thank you very much.

http://seclists.org/fulldisclosure/2015/Mar/80
http://packetstormsecurity.com/files/130841/innovationwebpac-redirect.txt
http://tetraph.com/security/open-redirect/innovative-webpac-pro-2-0-unvalidated-redirects-and-forwards-url-redirection-security-vulnerabilities/
http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1722
http://lists.openwall.net/full-disclosure/2015/03/16/4
http://cxsecurity.com/issue/WLB-2015030103
http://www.intelligentexploit.com/view-details.html?id=20924


========

Exploit Title:
Innovative WebPAC Pro 2.0 Unvalidated Redirects and Forwards (URL
Redirection) Cyber Security Vulnerabilities

Product:
WebPAC Pro

Vendor:
Innovative Interfaces Inc

Vendor Link:
http://www.iii.com/products/webpac_pro.shtml

Vulnerable Versions:
2.0

Tested Versions:
2.0

========




Best Regards,
Wang Jing,


Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.
http://www.tetraph.com/wangjing/
https://twitter.com/justqdjing

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ