Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-link vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-14025
Ozeki NG SMS Gateway up to and including 4.17.6 has multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as installing new modules or changing a password.
Ozeki Ozeki Ng Sms Gateway
6.5
CVSSv3
CVE-2023-5884
The Word Balloon WordPress plugin prior to 4.20.3 does not protect some of its actions against CSRF attacks, allowing an unauthenticated malicious user to trick a logged in user to delete arbitrary avatars by clicking a link.
Back2nature Word Balloon
NA
CVE-2009-0484
Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 prior to 3.0.7, 3.2 prior to 3.2.1, and 3.3 prior to 3.3.2 allows remote malicious users to delete shared or saved searches via a link or IMG tag to buglist.cgi.
Mozilla Bugzilla 3.0.2
Mozilla Bugzilla 3.0.3
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0.5
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 3.2
6.1
CVSSv3
CVE-2020-13262
Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 and later up to and including 13.0.1 allows a specially crafted Mermaid payload to PUT requests on behalf of other users via clicking on a link
Gitlab Gitlab
Gitlab Gitlab 13.0.0
6.1
CVSSv3
CVE-2021-24288
When subscribing using AcyMailing, the 'redirect' parameter isn't properly sanitized. Turning the request from POST to GET, an attacker can craft a link containing a potentially malicious landing page and send it to the victim.
Acymailing Acymailing
5.4
CVSSv3
CVE-2021-31712
react-draft-wysiwyg (aka React Draft Wysiwyg) prior to 1.14.6 allows a javascript: URi in a Link Target of the link decorator in decorators/Link/index.js when a draft is shared across users, leading to XSS.
React Draft Wysiwyg Project React Draft Wysiwyg
NA
CVE-2015-8220
Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control prior to 12.0 HotFix 1 allows remote malicious users to execute arbitrary code via a crafted commandline argument in a link.
Solarwinds Dameware Mini Remote Control
5.4
CVSSv3
CVE-2015-8759
Cross-site scripting (XSS) vulnerability in the typoLink function in TYPO3 6.2.x prior to 6.2.16 and 7.x prior to 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field.
Typo3 Typo3 7.1.0
Typo3 Typo3 7.0.2
Typo3 Typo3 7.0.0
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.0
Typo3 Typo3 7.6.1
Typo3 Typo3 7.6.0
Typo3 Typo3 7.5.0
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.14
Typo3 Typo3 7.4.0
Typo3 Typo3 7.3.0
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.12
Typo3 Typo3 7.3.1
Typo3 Typo3 7.2.0
NA
CVE-2024-26284
Utilizing a 302 redirect, an attacker could have conducted a Universal Cross-Site Scripting (UXSS) on a victim website, if the victim had a link to the attacker's website. This vulnerability affects Focus for iOS < 123.
6.1
CVSSv3
CVE-2022-1702
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and previous versions versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to Open redirection vulnerability.
Sonicwall Sma 6200 Firmware 12.4.0
Sonicwall Sma 6200 Firmware 12.4.1
Sonicwall Sma 6210 Firmware 12.4.0
Sonicwall Sma 6210 Firmware 12.4.1
Sonicwall Sma 7200 Firmware 12.4.0
Sonicwall Sma 7200 Firmware 12.4.1
Sonicwall Sma 7210 Firmware 12.4.0
Sonicwall Sma 7210 Firmware 12.4.1
Sonicwall Sma 8000v Firmware 12.4.0
Sonicwall Sma 8000v Firmware 12.4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »