Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
link vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-25091
The Link Library WordPress plugin prior to 7.2.9 does not sanitise and escape the settingscopy parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting
Link Library Project Link Library
5
CVSSv2
CVE-2021-25093
The Link Library WordPress plugin prior to 7.2.8 does not have authorisation in place when deleting links, allowing unauthenticated users to delete arbitrary links via a crafted request
Link Library Project Link Library
NA
CVE-2022-4199
The Link Library WordPress plugin prior to 7.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
Link Library Project Link Library
NA
CVE-2023-26801
LB-LINK BL-AC1900_2.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/set_LimitClient_cfg.
Lb-link Bl-lte300 Firmware 1.0.8
Lb-link Bl-x26 Firmware 1.2.5
Lb-link Bl-wr9000 Firmware 2.4.9
Lb-link Bl-ac1900 Firmware 1.0.1
7.8
CVSSv2
CVE-2007-3348
The D-Link DPH-540/DPH-541 phone allows remote malicious users to cause a denial of service (device outage) via a malformed SDP header in a SIP INVITE message.
D-link Dph-541 1.00.03
D-link Dph-540 1.00.14
D-link Dph-540 1.00.03
D-link Dph-541 1.00.14
7.8
CVSSv2
CVE-2007-3347
The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server's IP address, which allows remote malicious users to engage in arbitrary SIP communication with the phone, as demonstrated by communication with forged caller ID.
D-link Dph-541 1.00.03
D-link Dph-540 1.00.14
D-link Dph-540 1.00.03
D-link Dph-541 1.00.14
5
CVSSv2
CVE-2014-9350
TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote malicious users to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
Tp-link Tl-wr740n Firmware 3.16.6
Tp-link Tl-wr740n Firmware 3.16.4
Tp-link Tl-wr740n Firmware 3.17.0
Tp-link Tl-wr740n 4
1 EDB exploit
10
CVSSv2
CVE-2018-19987
D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the...
D-link Dir-818lw Firmware 2.05.b03
D-link Dir-822 Firmware 202krb06
Dlink Dir-822 Firmware 3.10b06
D-link Dir-860l Firmware 2.03.b03
D-link Dir-868l Firmware 2.05b02
D-link Dir-880l Firmware 1.20b01 01 I3se
D-link Dir-890l\\/r Firmware 1.21b02
2 Github repositories
NA
CVE-2023-31188
Multiple TP-LINK products allow a network-adjacent authenticated malicious user to execute arbitrary OS commands. Affected products/versions are as follows: Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505', Archer C55 firmware versions prior to 'Arc...
Tp-link Archer C55 Firmware
Tp-link Archer C50 V3 Firmware
5
CVSSv2
CVE-2017-8217
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too permissive iptables rules, e.g., SNMP is not blocked on any interface.
Tp-link C2 Firmware
Tp-link C20i Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »