CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2014-8870

MEDIUM
5.8
CVSS Severity Score
EPSS Score0.1170%
EPSS Percentile40.29th
Published2015年1月15日
Last Modified2026年5月6日

Vulnerability Description

Open redirect vulnerability in mobiquo/smartbanner/welcome.php in the Tapatalk (com.tapatalk.wbb4) plugin before 1.1.2 for Woltlab Burning Board 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the board_url parameter.

Affected Platforms (CPE)

📦
Tapatalk

Tapatalk

= 1.0.0
📦
Tapatalk

Tapatalk

= 1.0.1
📦
Tapatalk

Tapatalk

= 1.0.2
📦
Tapatalk

Tapatalk

= 1.1.0
📦
Tapatalk

Tapatalk

= 1.1.1

References & Advisories

🔗 http://seclists.org/fulldisclosure/2015/Jan/32
🔗 http://www.securityfocus.com/archive/1/534450/100/0/threaded
🔗 http://www.securityfocus.com/bid/71998
🔗 http://seclists.org/fulldisclosure/2015/Jan/32
🔗 http://www.securityfocus.com/archive/1/534450/100/0/threaded
🔗 http://www.securityfocus.com/bid/71998

相關漏洞威脅

CVE-2017-146529.8

SQL Injection vulnerability in mobiquo/lib/classTTForum.php in the Tapatalk plugin before 4.5.8 for MyBB allows an unauthenticated...

CVE-2014-20239.8

Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote a...

CVE-2014-56805.4

The Tapatalk (aka com.quoord.tapatalkpro.activity) application 4.8.0 for Android does not verify X.509 certificates from SSL serve...

CVE-2014-66495.4

The MyBroadband Tapatalk (aka com.tapatalk.mybroadbandcozavb) application 3.9.22 for Android does not verify X.509 certificates fr...