CVE-2020-18268

Medium

Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers to obtain sensitive information via the "redirect" parameter in the…

mitre·CWE-601·Published 2021-06-07

CVSS

6.1

EPSS

0.03

KEV

Exploits

cve.orgen

168 chars

Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers to obtain sensitive information via the "redirect" parameter in the component "zb_system/cmd.php."

NVDen

168 chars

Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers to obtain sensitive information via the "redirect" parameter in the component "zb_system/cmd.php."

Open Redirect en Z-BlogPHP versión v1.5.2 y anteriores, permite a atacantes remotos obtener información confidencial por medio del parámetro "redirect" en el componente "zb_system/cmd.php"

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N
3.1	Primary	NVD	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N