CVE-2020-36365

MEDIUM NUCLEI

Smartstorenet < 4.1.0 - Open Redirect

Title source: rule

Description

Smartstore (aka SmartStoreNET) before 4.1.0 allows CommonController.ClearCache, ClearDatabaseCache, RestartApplication, and ScheduleTaskController.Edit open redirect.

Nuclei Templates (1)

Smartstore <4.1.0 - Open Redirect

MEDIUMby 0x_Akoko

Shodan: http.html:'content="Smartstore' || http.html:'content="smartstore'

FOFA: body='content="smartstore'

References (1)

[Exploit, Issue Tracking, Third Party Advisory] https://github.com/smartstore/SmartStoreNET/issues/2113

Scores

CVSS v3 6.1

EPSS 0.0962

EPSS Percentile 92.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-601

Status published

Products (1)

smartstore/smartstorenet < 4.1.0

Published May 19, 2021

Tracked Since Feb 18, 2026