Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-link vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-4197
tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote malicious users to execute arbitrary commands via a link in the a parameter, which is executed with extra privileges in a cryptographically signed Java Applet.
Nortel Ssl Vpn
Nortel Ssl Vpn 4.1.2.12
Nortel Ssl Vpn 4.1.2.11
1 EDB exploit
NA
CVE-2001-0314
Buffer overflow in www.tol module in America Online (AOL) 5.0 may allow remote malicious users to cause a denial of service, and possibly execute arbitrary commands, via a long URL in a link.
Aol Aol Server 5.0
6.1
CVSSv3
CVE-2018-11093
Cross-site scripting (XSS) vulnerability in the Link package for CKEditor 5 prior to 10.0.1 allows remote malicious users to inject arbitrary web script through a crafted href attribute of a link (A) element.
Ckeditor Ckeditor 5-link
NA
CVE-2002-2013
Mozilla 0.9.6 and previous versions and Netscape 6.2 and previous versions allows remote malicious users to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
Mozilla Mozilla 0.9.5
Netscape Navigator 6.2
Netscape Communicator 4.76
Netscape Navigator 6.0
Netscape Communicator 4.77
Mozilla Mozilla 0.9.3
Netscape Communicator 4.61
Netscape Communicator 4.07
Netscape Communicator 4.73
Netscape Communicator 4.51
Netscape Communicator 4.4
Mozilla Mozilla 0.9.2.1
Netscape Communicator 4.06
Mozilla Mozilla 0.9.2
Netscape Communicator 4.7
Netscape Communicator 4.78
Netscape Communicator 4.0
Mozilla Mozilla 0.9.4
Netscape Communicator 4.74
Netscape Communicator 4.08
Netscape Communicator 4.6
Netscape Communicator 4.5 Beta
NA
CVE-2006-2495
Cross-site request forgery (CSRF) vulnerability in the Entry Manager in Serendipity prior to 1.0-beta3 allows remote malicious users to perform unauthorized actions as a logged-in user via a link or IMG tag.
S9y Serendipity 0.5
S9y Serendipity 0.4
S9y Serendipity 0.8.5
S9y Serendipity 0.7
S9y Serendipity 0.8.3
S9y Serendipity 0.8.4
S9y Serendipity 0.8.2
S9y Serendipity 0.7.1
S9y Serendipity 0.5 Pl1
S9y Serendipity 1.0 Beta1
S9y Serendipity 1.0 Beta2
S9y Serendipity 0.8.1
S9y Serendipity 0.8
S9y Serendipity 0.3
S9y Serendipity 0.6 Pl3
S9y Serendipity 0.9.1
S9y Serendipity 0.9
S9y Serendipity 0.6
5.4
CVSSv3
CVE-2020-5266
In the ps_link module for PrestaShop before version 3.1.0, there is a stored XSS when you create or edit a link list block with the title field. The problem is fixed in 3.1.0
Prestashop Prestashop Link
NA
CVE-2004-2260
Opera Browser 7.23, and other versions prior to 7.50, updates the address bar as soon as the user clicks a link, which allows remote malicious users to redirect to other sites via the onUnload attribute.
Opera Opera Browser
2.7
CVSSv3
CVE-2018-10423
mc-admin/post.php in MiniCMS 1.10 allows remote malicious users to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article.
1234n Minicms 1.10
4.3
CVSSv3
CVE-2019-3851
A vulnerability was found in moodle prior to 3.6.3 and 3.5.5. There was a link to site home within the the Boost theme's secure layout, meaning students could navigate out of the page.
Moodle Moodle
Fedoraproject Fedora -
8.8
CVSSv3
CVE-2020-14025
Ozeki NG SMS Gateway up to and including 4.17.6 has multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as installing new modules or changing a password.
Ozeki Ozeki Ng Sms Gateway
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »