目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

CWE-698 重定向后执行(EAR) 类漏洞列表 15

CWE-698 重定向后执行(EAR) 类弱点 15 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-698 属于逻辑缺陷类漏洞,指 Web 应用在发送重定向响应后未终止执行,而是继续运行后续代码。攻击者常利用此缺陷绕过身份验证或权限检查,通过构造特定请求诱导服务器执行未授权操作。开发者应避免在重定向后保留任何业务逻辑代码,确保在发出重定向指令后立即退出当前请求处理流程,从而阻断潜在的攻击路径。

MITRE CWE 官方描述
CWE:CWE-698 重定向后执行 (Execution After Redirect, EAR) 英文:Web 应用程序向另一个位置发送重定向(redirect),但在未退出的情况下,它执行了额外的代码。
常见影响 (1)
Other, Confidentiality, Integrity, AvailabilityAlter Execution Logic, Execute Unauthorized Code or Commands
This weakness could affect the control flow of the application and allow execution of untrusted code.
代码示例 (1)
This code queries a server and displays its status when a request comes from an authorized IP address.
$requestingIP = $_SERVER['REMOTE_ADDR']; if(!in_array($requestingIP,$ipAllowList)){ echo "You are not authorized to view this page"; http_redirect($errorPageURL); } $status = getServerStatus(); echo $status; ...
Bad · PHP
CVE ID标题CVSS风险等级Published
CVE-2026-2699 Progress ShareFile Storage Zones Controller 安全漏洞 — ShareFile Storage Zones Controller 9.8 Critical2026-04-02
CVE-2026-3264 Free CRM 安全漏洞 — Free-CRM 6.3 Medium2026-02-26
CVE-2026-3262 Warehouse Inventory Management System 安全漏洞 — Asp.Net-Core-Inventory-Order-Management-System 6.3 Medium2026-02-26
CVE-2025-8350 Inrove BiEticaret CMS 安全漏洞 — BiEticaret CMS 9.8 Critical2026-02-19
CVE-2025-6967 Sarman Soft CMS 安全漏洞 — CMS 8.7 High2026-02-10
CVE-2025-9848 Real-Estate-website-in-PHP 安全漏洞 — Real Estate Management System 7.3 High2025-09-03
CVE-2025-53077 SAMSUNG DMS 安全漏洞 — DMS(Data Management Server) 6.5 Medium2025-07-29
CVE-2024-48766 NetAlertX 安全漏洞 — NetAlertX 8.6 High2025-05-13
CVE-2024-3376 Computer Laboratory Management System 安全漏洞 — Computer Laboratory Management System 7.3 High2024-04-06
CVE-2024-2635 Meta4 HR 安全漏洞 — Meta4 HR 7.3 High2024-03-19
CVE-2024-2573 Employee Task Management System 安全漏洞 — Employee Task Management System 7.3 High2024-03-18
CVE-2024-2572 Employee Task Management System 安全漏洞 — Employee Task Management System 7.3 High2024-03-18
CVE-2024-2571 Employee Task Management System 安全漏洞 — Employee Task Management System 7.3 High2024-03-18
CVE-2024-2570 Employee Task Management System 安全漏洞 — Employee Task Management System 7.3 High2024-03-18
CVE-2024-2569 Employee Task Management System 安全漏洞 — Employee Task Management System 7.3 High2024-03-17

CWE-698(重定向后执行(EAR)) 是常见的弱点类别,本平台收录该类弱点关联的 15 条 CVE 漏洞。