Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
links vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2022-1759
The RB Internal Links WordPress plugin up to and including 2.0.16 does not have CSRF check in place when updating its settings, which could allow malicious users to make a logged in admin change them via a CSRF attack, as well as perform Stored Cross-Site Scripting attacks due to...
Rb Internal Links Project Rb Internal Links
4
CVSSv2
CVE-2019-20105
The EditApplinkServlet resource in the Atlassian Application Links plugin before version 5.4.20, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version 7.0.1, and from version 7.1.0 before version 7.1.3 allows remote a...
Atlassian Application Links
Atlassian Application Links 7.0.0
4.3
CVSSv2
CVE-2017-15863
Cross Site Scripting (XSS) exists in the wp-noexternallinks plugin prior to 3.5.19 for WordPress via the date1 or date2 parameter to wp-admin/options-general.php.
Wp No External Links Project Wp No External Links
NA
CVE-2023-26537
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nicolly WP No External Links plugin <= 1.0.2 versions.
Wp No External Links Project Wp No External Links
4.3
CVSSv2
CVE-2014-4537
Cross-site scripting (XSS) vulnerability in inpage.tpl.php in the Keyword Strategy Internal Links plugin 2.0 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the (1) sort, (2) search, or (3) dir parameter.
Keyword Strategy Internal Links Project Keyword Strategy Internal Links
4.3
CVSSv2
CVE-2014-6294
Cross-site scripting (XSS) vulnerability in the External links click statistics (outstats) extension 0.0.3 and previous versions for TYPO3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
External Links Click Statistics Project External Links Click Statistics
4.3
CVSSv2
CVE-2005-1492
Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote malicious users to inject arbitrary web script or HTML via the url parameter.
Gossamer Threads Gossamer Threads Links 2.0
Gossamer Threads Gossamer Threads Links 2.2.0
Gossamer Threads Gossamer Threads Links-sql 3.0
1 EDB exploit
7.5
CVSSv2
CVE-2012-5098
Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to rate.php, (2) cid parameter to view.php, or (3) t parameter to pop.php.
J Waite Php-x-links 1.0
J Waite Php-x-links 0.1
1 EDB exploit
4.3
CVSSv2
CVE-2005-4041
Cross-site scripting (XSS) vulnerability in search.cgi in MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x allows remote malicious users to inject arbitrary web script or HTML via the query string.
Mr. Cgi Guy Hot Links Pro
Mr. Cgi Guy Hot Links Sql
7.5
CVSSv2
CVE-2008-3319
admin/index.php in Maian Links 3.1 and previous versions allows remote malicious users to bypass authentication and gain administrative access by sending an arbitrary links_cookie cookie.
Maian Links
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »