Exploitation Summary
CVE-2014-9180 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
Open redirect vulnerability in go.php in Eleanor CMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the QUERY_STRING.
Nuclei Templates (1)
Eleanor CMS - Open Redirect
MEDIUMVERIFIEDby Shankar Acharya
Shodan:
html:"eleanor" || http.html:"eleanor" || cpe:"cpe:2.3:a:eleanor-cms:eleanor_cms"
FOFA:
body="eleanor"
References (1)
Core 1
Core References
Exploit x_refsource_misc
http://packetstormsecurity.com/files/129087/Eleanor-CMS-Open-Redirect.html
Scores
EPSS
0.0844
EPSS Percentile
92.6%
Details
Status
published
Products (1)
eleanor-cms/eleanor_cms
Published
Dec 02, 2014
Tracked Since
Feb 18, 2026