Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
links vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-1582
Million Dollar Text Links 1.0 does not properly restrict administrator access to admin.home.php, which allows remote malicious users to bypass intended restrictions and gain privileges via a direct request to admin.home.php after visiting admin.php.
Kalptarudemos Million Dollar Text Links 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-1854
Million Dollar Text Links 1.0 allows remote malicious users to bypass authentication and gain administrative access by setting the userid cookie to 1.
Cmsnx Million Dollar Text Links 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2005-4042
Cross-site scripting (XSS) vulnerability in Warm Links 1.0.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a parameter to search.cgi.
Mr. Cgi Guy Warm Links 1.0.0
3.5
CVSSv2
CVE-2022-1095
The Mihdan: No External Links WordPress plugin prior to 5.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example...
Mihdan\\ No External Links Project Mihdan\\
7.5
CVSSv2
CVE-2008-4086
SQL injection vulnerability in index.php in Reciprocal Links Manager 1.1 allows remote malicious users to execute arbitrary SQL commands via the site parameter in an open action.
Source Workshop Reciprocal Links Manager 1.1
1 EDB exploit
5
CVSSv2
CVE-2006-2534
Destiney Links Script 2.1.2 does not protect library and other support files, which allows remote malicious users to obtain the installation path via a direct URL to files in the (1) include and (2) themes/original directories.
Greg Donald Destiney Links Script 2.1.2
5
CVSSv2
CVE-2006-2535
index.php in Destiney Links Script 2.1.2 allows remote malicious users to obtain the installation path via an invalid show parameter referencing a non-existent file, which reveals the path in the resulting error message. NOTE: this issue might be resultant from a more serious iss...
Greg Donald Destiney Links Script 2.1.2
5.8
CVSSv2
CVE-2006-2536
Cross-site scripting (XSS) vulnerability in Destiney Links Script 2.1.2 allows remote malicious users to inject arbitrary web script or HTML via the (1) "Search" (term parameter in index.php) and (2) "Add a Site" (add.php) fields.
Greg Donald Destiney Links Script 2.1.2
4.3
CVSSv2
CVE-2012-6709
ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation.
Elinks Elinks 0.12
Twibright Links 2.3
4.3
CVSSv2
CVE-2008-7121
Cross-site scripting (XSS) vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the search bar.
Mrcgiguy Hot Links Sql-php 3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »