# Exploit Title: unvalidated Redirects and forwards in webfolio2.5.1
# Date:04 august 2015
# Exploit Author: Sharankumar somana
# Vendor Homepage: http://webfolio-cms.sourceforge.net/
# Software Link: http://sourceforge.net/projects/webfolio-cms/?source=typ_redirect
# Version: 2.5.1
# Tested on: Windows 7


_________________________________________________________________________________________________________________________

Unvalidated Redirects and Forwards:

Webfolio-cms is vulnerable for Unvalidated Redirects and Forwards.The web application accepts untrusted input that could cause the application to redirect the request to a URL contained within input

Affected url:

localhost/webfolio/wfcms2/login?r=http://www.thekolaveridi.com

Affected parameter: r