CVE-2012-4489
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2012-4489
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Open redirect vulnerability in the securelogin_secure_redirect function in the Secure Login module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Drupal Secure Login模块‘securelogin_secure_redirect’函数开放重定向漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。 Drupal中的Secure Login模块7.x-1.3之前的7.x-1.x版本‘securelogin_secure_redirect’函数中存在开放重定向漏洞。远程攻击者利用该漏洞通过q参数中的URL,重定向用户到web站点并进行钓鱼攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2012-4489
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2012-4489
Please Login to view more intelligence information
- 🔗 https://drupal.org/node/1698988x_refsource_CONFIRM
- 🔗 http://drupal.org/node/1700594x_refsource_MISC
- 🔗 https://drupal.org/node/1692976x_refsource_CONFIRM
- http://drupalcode.org/project/securelogin.git/commitdiff/88518dfx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2012-4489
Same Patch Batch · n/a · 2012-10-31 · 25 CVEs total
| CVE-2012-4492 | Drupal Shorten URLs模块多个跨站脚本漏洞 | |
| CVE-2012-4940 | Axigen Free Mail Server ‘View Log Files’组件多个目录遍历漏洞 | |
| CVE-2012-4939 | SolarWinds Orion Network Performance Monitor IPAM网络接口跨站脚本漏洞 | |
| CVE-2012-5671 | Exim DKIM DNS解码拒绝服务漏洞 | |
| CVE-2012-4544 | Xen PV Domain Builder 内核解压缩本地拒绝服务漏洞 | |
| CVE-2012-4532 | Joomla! Language Switcher模块跨站脚本漏洞 | |
| CVE-2012-4531 | Joomla! 跨站脚本漏洞 | |
| CVE-2012-4500 | Drupal Announcements模块安全漏洞 | |
| CVE-2012-4499 | Drupal Email Field模块联系格式化页面安全漏洞 | |
| CVE-2012-4496 | Drupal Custom Publishing Options模块跨站脚本漏洞 | |
| CVE-2012-4495 | Drupal Mime Mail模块安全漏洞 | |
| CVE-2012-4494 | Drupal Shibboleth认证模块安全漏洞 | |
| CVE-2012-4547 | AWStats ‘awredir.pl’未明安全漏洞 | |
| CVE-2012-4491 | Drupal Monthly Archive by Node Type模块安全漏洞 | |
| CVE-2012-4490 | Drupal Excluded Users模块多个跨站脚本漏洞 | |
| CVE-2012-4488 | Drupal Location模块安全漏洞 | |
| CVE-2012-4485 | Drupal Gallery格式化模块‘galleryformatter_field_formatter_view’函数多个跨站脚本漏洞 | |
| CVE-2012-4484 | Drupal Campaign Monitor模块跨站脚本漏洞 | |
| CVE-2012-4483 | Drupal Commons模块‘commons_discussion_views_default_views’函数安全漏洞 | |
| CVE-2012-4482 | Drupal Ubercart SecureTrading Payment Method模块安全漏洞 |
Showing top 20 of 25 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out- - CVE-2026-8187
Open5GS UPF gtp-path.c _gtpv1_u_recv_cb resource consumption - CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM
V. Comments for CVE-2012-4489
No comments yet