Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
links vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2022-1095
The Mihdan: No External Links WordPress plugin prior to 5.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example...
Mihdan\\ No External Links Project Mihdan\\
NA
CVE-2005-4042
Cross-site scripting (XSS) vulnerability in Warm Links 1.0.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a parameter to search.cgi.
Mr. Cgi Guy Warm Links 1.0.0
NA
CVE-2008-4086
SQL injection vulnerability in index.php in Reciprocal Links Manager 1.1 allows remote malicious users to execute arbitrary SQL commands via the site parameter in an open action.
Source Workshop Reciprocal Links Manager 1.1
1 EDB exploit
NA
CVE-2009-1582
Million Dollar Text Links 1.0 does not properly restrict administrator access to admin.home.php, which allows remote malicious users to bypass intended restrictions and gain privileges via a direct request to admin.home.php after visiting admin.php.
Kalptarudemos Million Dollar Text Links 1.0
1 EDB exploit
NA
CVE-2008-7121
Cross-site scripting (XSS) vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the search bar.
Mrcgiguy Hot Links Sql-php 3
5.9
CVSSv3
CVE-2012-6709
ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation.
Elinks Elinks 0.12
Twibright Links 2.3
NA
CVE-2009-1854
Million Dollar Text Links 1.0 allows remote malicious users to bypass authentication and gain administrative access by setting the userid cookie to 1.
Cmsnx Million Dollar Text Links 1.0
1 EDB exploit
NA
CVE-2006-2534
Destiney Links Script 2.1.2 does not protect library and other support files, which allows remote malicious users to obtain the installation path via a direct URL to files in the (1) include and (2) themes/original directories.
Greg Donald Destiney Links Script 2.1.2
NA
CVE-2006-2535
index.php in Destiney Links Script 2.1.2 allows remote malicious users to obtain the installation path via an invalid show parameter referencing a non-existent file, which reveals the path in the resulting error message. NOTE: this issue might be resultant from a more serious iss...
Greg Donald Destiney Links Script 2.1.2
NA
CVE-2006-2536
Cross-site scripting (XSS) vulnerability in Destiney Links Script 2.1.2 allows remote malicious users to inject arbitrary web script or HTML via the (1) "Search" (term parameter in index.php) and (2) "Add a Site" (add.php) fields.
Greg Donald Destiney Links Script 2.1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »