Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
links vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-0375
The Easy Affiliate Links WordPress plugin prior to 3.7.1 does not validate and escape some of its block options before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripti...
Bootstrapped Easy Affiliate Links
NA
CVE-2023-22689
Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3 versions.
Autoaffiliatelinks Auto Affiliate Links
NA
CVE-2023-22696
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Custom4Web Affiliate Links Lite plugin <= 2.5 versions.
Custom4web Affiliate Links Lite
NA
CVE-2023-35097
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Internet Marketing Dojo WP Affiliate Links plugin <= 0.1.1 versions.
Dojo Wp Affiliate Links
7.5
CVSSv2
CVE-2007-1339
SQL injection vulnerability in index.php in Links Management Application 1.0 allows remote malicious users to execute arbitrary SQL commands via the lcnt parameter.
Monitor-line Links Management
1 EDB exploit
7.5
CVSSv2
CVE-2006-6645
PHP remote file inclusion vulnerability in language/lang_english/lang_admin.php in the Web Links (mx_links) 2.05 and previous versions module for mxBB allows remote malicious users to execute arbitrary PHP code via a URL in the mx_root_path parameter.
Mxbb Mxbb Web Links
1 EDB exploit
4.3
CVSSv2
CVE-2008-2213
Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/footer.php in Maian Links 3.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) msg_script2 and (2) msg_script3 parameters.
Maianscriptworld Maian Links 3.1
NA
CVE-2024-22287
Cross-Site Request Forgery (CSRF) vulnerability in Ludek Melichar Better Anchor Links allows Cross-Site Scripting (XSS).This issue affects Better Anchor Links: from n/a up to and including 1.7.5.
Ludek Better Anchor Links
7.5
CVSSv2
CVE-2009-4206
SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Cmsnx Million Dollar Text Links
1 EDB exploit
2.6
CVSSv2
CVE-2006-2903
Cross-site scripting (XSS) vulnerability in admin.php in Particle Links 1.2.2 allows remote malicious users to inject arbitrary web script or HTML via the username parameter.
Particle Soft Particle Links 1.2.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »