ID de Prueba:	1.3.6.1.4.1.25623.1.0.805208
Categoría:	Web application abuses
Título:	Snowfox CMS 'rd' Parameter Open Redirect Vulnerability
Resumen:	Snowfox CMS is prone to an open redirect vulnerability.
Descripción:	Summary: Snowfox CMS is prone to an open redirect vulnerability. Vulnerability Insight: The error exists as the application does not validate the 'rd' parameter upon submission to the selectlanguage.class.php script. Vulnerability Impact: Successful exploitation will allow remote attackers to create a specially crafted URL, that if clicked, would redirect a victim from the intended legitimate web site to an arbitrary web site of the attacker's choosing. Affected Software/OS: Snowfox CMS version 1.0 Solution: Upgrade to Snowfox CMS version 1.0.10 or later. CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9343 http://packetstormsecurity.com/files/129162/Snowfox-CMS-1.0-Open-Redirect.html http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5206.php https://github.com/GlobizSolutions/snowfox/releases http://osvdb.org/show/osvdb/114850 XForce ISS Database: mantisbt-cve20146316-open-redirect(99128) https://exchange.xforce.ibmcloud.com/vulnerabilities/99128
Copyright	Copyright (C) 2014 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.