.. / CVE-2016-10368

Exploit for Opsview Monitor Pro - Open Redirect (CVE-2016-10368)

Description:

Opsview Monitor Pro before 5.1.0.162300841, before 5.0.2.27475, before 4.6.4.162391051, and 4.5.x without a certain 2016 security patch contains an open redirect vulnerability. An attacker can redirect users to arbitrary web sites and conduct phishing attacks via the back parameter to the login URI.

Nuclei Template

View the template here CVE-2016-10368.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2016/CVE-2016-10368.yaml

References:

https://github.com/ARPSyndicate/cvemon
https://nvd.nist.gov/vuln/detail/CVE-2016-10368
https://github.com/ARPSyndicate/kenzer-templates
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-016/?fid=8341
https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=18774

.. / CVE-2016-10368 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Opsview Monitor Pro - Open Redirect (CVE-2016-10368)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2016-10368