Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple open redirect vulnerabilities in TBDev.NET 01-01-08 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the returnto parameter to login.php or (2) the returnto parameter in a delete action to news.php. NOTE: this can be leveraged for cross-site scripting (XSS) by redirecting to a data: URI.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TBDev.NET 多个公开重定向漏洞
Vulnerability Description
TBDev.NET 01-01-08版本中存在多个公开重定向漏洞。远程攻击者可以借助(1)对login.php的returnto参数或(2)对news.php的一个删除操作中的returnto参数,重定向用户至任意网站并执行钓鱼攻击。
CVSS Information
N/A
Vulnerability Type
N/A