CVE-2008-7269

NUCLEI

SiteEngine 5.x - Open Redirect

Title source: llm

Description

Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter in a logout action.

Exploits (2)

exploitdb WORKING POC VERIFIED
by xy7 · textwebappsphp
https://www.exploit-db.com/exploits/6823
exploitdb WRITEUP VERIFIED
by xuanmumu · textwebappsphp
https://www.exploit-db.com/exploits/32523

Nuclei Templates (1)

UC Gateway Investment SiteEngine v5.0 - Open Redirect
MEDIUMVERIFIEDby ctflearner
Shodan: html:"SiteEngine" || http.html:"siteengine"
FOFA: body="siteengine"

References (3)

Scores

EPSS 0.0430
EPSS Percentile 88.7%

Classification

CWE
CWE-20
Status draft

Affected Products (1)

boka/siteengine

Timeline

Published Dec 01, 2010
Tracked Since Feb 18, 2026