Posted by Andrey Stoykov on Jul 29
# Exploit Title: Open Redirect “Login Page” Functionality – seotoasterv2.5.0
 # Date: 07/2025
 # Exploit Author: Andrey Stoykov
 # Version: 2.5.0
 # Tested on: Debian 12
 # Blog: https://msecureltd.blogspot.com/
Open Redirect “Login Page” Functionality #1:
Steps to Reproduce
Login to the application and then add the Referer header to attacker domain
// HTTP POST Request
POST /seotoaster/go HTTP/1.1
 Host: 192.168.58.149…
 –  Read More  – Full Disclosure 

 
			


