From oss-security  Fri May 22 14:42:52 2015
From: Jing Wang <justqdjing () gmail ! com>
Date: Fri, 22 May 2015 14:42:52 +0000
To: oss-security
Subject: [oss-security] Innovative WebPAC Pro 2.0 Open Redirect Web Security Vulnerabilities - CVE Request
Message-Id: <CAFWG0-iENjnG1wnBwBsqx6YFyeTs5gcgeVV0QSAfUe0=P4emNA () mail ! gmail ! com>
X-MARC-Message: https://marc.info/?l=oss-security&m=143230581319743
MIME-Version: 1
Content-Type: multipart/mixed; boundary="--001a11363046ca2c550516acac73"

--001a11363046ca2c550516acac73
Content-Type: text/plain; charset=UTF-8

Hello,

Could you assign a CVE reference ID for the following vulnerability?
Thank you very much.

http://seclists.org/fulldisclosure/2015/Mar/80
http://packetstormsecurity.com/files/130841/innovationwebpac-redirect.txt
http://tetraph.com/security/open-redirect/innovative-webpac-pro-2-0-unvalidated-redirects-and-forwards-url-redirection-security-vulnerabilities/
http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1722
http://lists.openwall.net/full-disclosure/2015/03/16/4
http://cxsecurity.com/issue/WLB-2015030103
http://www.intelligentexploit.com/view-details.html?id=20924


========

Exploit Title:
Innovative WebPAC Pro 2.0 Unvalidated Redirects and Forwards (URL
Redirection) Cyber Security Vulnerabilities

Product:
WebPAC Pro

Vendor:
Innovative Interfaces Inc

Vendor Link:
http://www.iii.com/products/webpac_pro.shtml

Vulnerable Versions:
2.0

Tested Versions:
2.0

========




Best Regards,
Wang Jing,


Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.
http://www.tetraph.com/wangjing/
https://twitter.com/justqdjing

--001a11363046ca2c550516acac73--