Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anchor vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2019-1862
A vulnerability in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected softwa...
Cisco Ios Xe 16.3.7
1 Article
3.5
CVSSv2
CVE-2022-1330
stored xss due to unsantized anchor url in GitHub repository alvarotrigo/fullpage.js before 4.0.4. stored xss .
Fullpage Project Fullpage
4.3
CVSSv2
CVE-2015-9494
The indieweb-post-kinds plugin prior to 1.3.1.1 for WordPress has XSS via the genericons/example.html anchor identifier.
Indieweb Post Kinds Project Indieweb Post Kinds
4.3
CVSSv2
CVE-2015-9500
The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has XSS via the anchor identifier to assets/js/jquery.foundation.plugins.js.
Exquisite Ultimate Newspaper Project Exquisite Ultimate Newspaper 1.3.3
3.5
CVSSv2
CVE-2021-24470
The Yada Wiki WordPress plugin prior to 3.4.1 did not sanitise, validate or escape the anchor attribute of its shortcode, leading to a Stored Cross-Site Scripting issue
Yada Wiki Project Yada Wiki
NA
CVE-2023-30792
Anchor tag hrefs in Lexical prior to v0.10.0 would render javascript: URLs, allowing for cross-site scripting on link clicks in cases where input was being parsed from untrusted sources.
Facebook Lexical
4.3
CVSSv2
CVE-2008-6283
Cross-site scripting (XSS) vulnerability in Subtext 2.0 allows remote malicious users to inject arbitrary web script or HTML via a comment, related to "the feature which converts URLs to anchor tags."
Subtextproject Subtext 2.0
5
CVSSv2
CVE-2008-1184
The DNSSEC validation library (libval) library in dnssec-tools prior to 1.3.1 does not properly check that the signing key is the APEX trust anchor, which might allow malicious users to conduct unspecified attacks.
Dnssec-tools Dnssec-tools
4.3
CVSSv2
CVE-2007-5443
Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1.1.3.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to (1) the anchor tag and (2) listtags.
Cmsmadesimple Cms Made Simple 1.1.3.1
4.3
CVSSv2
CVE-2017-12373
A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote malicious user to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) att...
Cisco Adaptive Security Appliance 5505 Firmware -
Cisco Adaptive Security Appliance 5510 Firmware -
Cisco Adaptive Security Appliance 5520 Firmware -
Cisco Adaptive Security Appliance 5540 Firmware -
Cisco Adaptive Security Appliance 5550 Firmware -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »