CyberSec.Space Logo
Back to CVE Browser

CVE-2014-8870

MEDIUM
5.8
CVSS Severity Score
EPSS Score0.1170%
EPSS Percentile40.29th
PublishedJan 15, 2015
Last ModifiedMay 6, 2026

Vulnerability Description

Open redirect vulnerability in mobiquo/smartbanner/welcome.php in the Tapatalk (com.tapatalk.wbb4) plugin before 1.1.2 for Woltlab Burning Board 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the board_url parameter.

Affected Platforms (CPE)

πŸ“¦
Tapatalk

Tapatalk

= 1.0.0
πŸ“¦
Tapatalk

Tapatalk

= 1.0.1
πŸ“¦
Tapatalk

Tapatalk

= 1.0.2
πŸ“¦
Tapatalk

Tapatalk

= 1.1.0
πŸ“¦
Tapatalk

Tapatalk

= 1.1.1

References & Advisories

πŸ”— http://seclists.org/fulldisclosure/2015/Jan/32
πŸ”— http://www.securityfocus.com/archive/1/534450/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/71998
πŸ”— http://seclists.org/fulldisclosure/2015/Jan/32
πŸ”— http://www.securityfocus.com/archive/1/534450/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/71998

Related Vulnerabilities

CVE-2017-146529.8

SQL Injection vulnerability in mobiquo/lib/classTTForum.php in the Tapatalk plugin before 4.5.8 for MyBB allows an unauthenticated...

CVE-2014-20239.8

Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote a...

CVE-2014-56805.4

The Tapatalk (aka com.quoord.tapatalkpro.activity) application 4.8.0 for Android does not verify X.509 certificates from SSL serve...

CVE-2014-66495.4

The MyBroadband Tapatalk (aka com.tapatalk.mybroadbandcozavb) application 3.9.22 for Android does not verify X.509 certificates fr...