Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
links vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2017-18111
The OAuthHelper in Atlassian Application Links before version 5.0.10, from version 5.1.0 before version 5.1.3, and from version 5.2.0 before version 5.2.6 used an XML document builder that was vulnerable to XXE when consuming a client OAuth request. This allowed malicious oauth a...
Atlassian Application Links
7.5
CVSSv2
CVE-2008-6032
SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Wsn Links 4.0.34p
1 EDB exploit
4
CVSSv2
CVE-2020-4026
The CustomAppsRestResource list resource in Atlassian Navigator Links before version 3.3.23, from version 4.0.0 before version 4.3.7, from version 5.0.0 prior to 5.0.1, and from version 5.1.0 prior to 5.1.1 allows remote malicious users to enumerate all linked applications, inclu...
Atlassian Navigator Links
4.3
CVSSv2
CVE-2015-9472
The incoming-links plugin prior to 0.9.10b for WordPress has referrers.php XSS via the Referer HTTP header.
Monitorbacklinks Incoming Links
4
CVSSv2
CVE-2017-18096
The OAuth status rest resource in Atlassian Application Links before version 5.2.7, from 5.3.0 prior to 5.3.4 and from 5.4.0 prior to 5.4.3 allows remote attackers with administrative rights to access the content of internal network resources via a Server Side Request Forgery (SS...
Atlassian Application Links
NA
CVE-2019-25147
The Pretty Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via various IP headers as well as the referer header in versions up to, and including, 2.1.9 due to insufficient input sanitization and output escaping in the track_link function. This makes it pos...
Prettylinks Pretty Links
4.3
CVSSv2
CVE-2006-7086
The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remote malicious users to obtain sensitive information and download the database via a direct request with a modified dl parameter.
Mrcgiguy Hot Links -
1 EDB exploit
6.5
CVSSv2
CVE-2017-14838
TeamWork Job Links allows Arbitrary File Upload in profileChange and coverChange.
Teamworktec Job Links -
1 EDB exploit
7.5
CVSSv2
CVE-2008-6720
SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP Links 1.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the admin_username parameter (aka the admin field).
Deltascripts Php Links
2 EDB exploits
4.3
CVSSv2
CVE-2017-11114
The put_chars function in html_r.c in Twibright Links 2.14 allows remote malicious users to cause a denial of service (buffer over-read) via a crafted HTML file.
Twibright Links 2.14
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »