Search for hundreds of thousands of exploits

"Horde Webmail 5.1 - Open Redirect"

Author

Exploit author

"felipe andrian"

Platform

Exploit platform

php

Release date

Exploit published date

2014-04-01

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
[+] Horde webmail - Open Redirect Vulnerability 
[+] Date: 31/03/2014
[+] Risk: Low
[+] Remote: Yes
[+] Author: Felipe Andrian Peixoto
[+] Vendor Homepage: http://www.horde.org/apps/webmail
[+] Contact: felipe_andrian@hotmail.com
[+] Tested on: Windows 7 and Linux
[+] Vulnerable File: go.php
[+] Dork: inurl:horde/util/go.php?
[+] Version: 5.1 probably other versions too
[+] Exploit : http://host/horde/util/go.php?url=[ Open Redirect Vul ]

Note : An open redirect is an application that takes a parameter and redirects a user to the parameter value without any validation. 
This vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it.
Reference :https://www.owasp.org/index.php/Open_redirect
Release DateTitleTypePlatformAuthor
2019-06-25"AZADMIN CMS 1.0 - SQL Injection"webappsphp"felipe andrian"
2019-05-13"XOOPS 2.5.9 - SQL Injection"webappsphp"felipe andrian"
2019-05-06"PHPads 2.0 - 'click.php3?bannerID' SQL Injection"webappsphp"felipe andrian"
2019-05-06"microASP (Portal+) CMS - 'pagina.phtml?explode_tree' SQL Injection"webappsasp"felipe andrian"
2014-05-24"Web Terra 1.1 - 'books.cgi' Remote Command Execution"webappscgi"felipe andrian"
2014-04-14"WordPress Theme LineNity 1.20 - Local File Inclusion"webappsphp"felipe andrian"
2014-04-02"CIS Manager CMS - SQL Injection"webappsasp"felipe andrian"
2014-04-01"Horde Webmail 5.1 - Open Redirect"webappsphp"felipe andrian"
2014-03-29"ASP-Nuke 2.0.7 - 'gotourl.asp' Open Redirect"webappsasp"felipe andrian"
2014-03-24"BigDump 0.35b - Arbitrary File Upload"webappsphp"felipe andrian"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/32638/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.