Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
links vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-3580
Multiple SQL injection vulnerabilities in Qsoft K-Links allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to visit.php, or the PATH_INFO to the default URI under (2) report/, (3) addreview/, or (4) refer/.
Qsoft K-links
1 EDB exploit
6.5
CVSSv2
CVE-2017-14838
TeamWork Job Links allows Arbitrary File Upload in profileChange and coverChange.
Teamworktec Job Links -
1 EDB exploit
4.3
CVSSv2
CVE-2017-16860
The invalidRedirectUrl template in Atlassian Application Links before version 5.2.7, from version 5.3.0 before version 5.3.4 and from version 5.4.0 before version 5.4.3 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerabi...
Atlassian Application Links
4.3
CVSSv2
CVE-2006-7086
The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remote malicious users to obtain sensitive information and download the database via a direct request with a modified dl parameter.
Mrcgiguy Hot Links -
1 EDB exploit
4.3
CVSSv2
CVE-2017-11114
The put_chars function in html_r.c in Twibright Links 2.14 allows remote malicious users to cause a denial of service (buffer over-read) via a crafted HTML file.
Twibright Links 2.14
6.8
CVSSv2
CVE-2008-0565
SQL injection vulnerability in vote.php in DeltaScripts PHP Links 1.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Deltascripts Php Links
2 EDB exploits
NA
CVE-2019-25147
The Pretty Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via various IP headers as well as the referer header in versions up to, and including, 2.1.9 due to insufficient input sanitization and output escaping in the track_link function. This makes it pos...
Prettylinks Pretty Links
NA
CVE-2023-4482
The Auto Amazon Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the style parameter in versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor ...
Michaeluno Auto Amazon Links
NA
CVE-2023-22689
Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3 versions.
Autoaffiliatelinks Auto Affiliate Links
NA
CVE-2023-22696
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Custom4Web Affiliate Links Lite plugin <= 2.5 versions.
Custom4web Affiliate Links Lite
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »