Exploitation Summary
CVE-2015-7823 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
Open redirect vulnerability in CMSPages/GetDocLink.ashx in Kentico CMS 8.2 through 8.2.41 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the link parameter.
Nuclei Templates (1)
Kentico CMS 8.2 - Open Redirect
MEDIUMby 0x_Akoko
Shodan:
cpe:"cpe:2.3:a:kentico:kentico_cms" || http.title:"kentico database setup"
FOFA:
title="kentico database setup"
References (1)
Core 1
Core References
Exploit x_refsource_misc
http://packetstormsecurity.com/files/133981/Kentico-CMS-8.2-Cross-Site-Scripting-Open-Redirect.html
Scores
EPSS
0.1267
EPSS Percentile
94.2%
Details
Status
published
Products (1)
kentico/kentico_cms
8.2
Published
Oct 21, 2015
Tracked Since
Feb 18, 2026