Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
links vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2022-1095
The Mihdan: No External Links WordPress plugin prior to 5.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example...
Mihdan\\ No External Links Project Mihdan\\
5
CVSSv2
CVE-2006-2534
Destiney Links Script 2.1.2 does not protect library and other support files, which allows remote malicious users to obtain the installation path via a direct URL to files in the (1) include and (2) themes/original directories.
Greg Donald Destiney Links Script 2.1.2
5
CVSSv2
CVE-2006-2535
index.php in Destiney Links Script 2.1.2 allows remote malicious users to obtain the installation path via an invalid show parameter referencing a non-existent file, which reveals the path in the resulting error message. NOTE: this issue might be resultant from a more serious iss...
Greg Donald Destiney Links Script 2.1.2
6.4
CVSSv2
CVE-2006-2585
SQL injection vulnerability in Destiney Links Script 2.1.2 allows remote malicious users to execute arbitrary SQL commands via the ID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Greg Donald Destiney Links Script 2.1.2
4.3
CVSSv2
CVE-2008-7121
Cross-site scripting (XSS) vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the search bar.
Mrcgiguy Hot Links Sql-php 3
7.5
CVSSv2
CVE-2009-1582
Million Dollar Text Links 1.0 does not properly restrict administrator access to admin.home.php, which allows remote malicious users to bypass intended restrictions and gain privileges via a direct request to admin.home.php after visiting admin.php.
Kalptarudemos Million Dollar Text Links 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2012-6709
ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation.
Elinks Elinks 0.12
Twibright Links 2.3
4.3
CVSSv2
CVE-2005-4042
Cross-site scripting (XSS) vulnerability in Warm Links 1.0.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a parameter to search.cgi.
Mr. Cgi Guy Warm Links 1.0.0
5.8
CVSSv2
CVE-2006-2536
Cross-site scripting (XSS) vulnerability in Destiney Links Script 2.1.2 allows remote malicious users to inject arbitrary web script or HTML via the (1) "Search" (term parameter in index.php) and (2) "Add a Site" (add.php) fields.
Greg Donald Destiney Links Script 2.1.2
7.5
CVSSv2
CVE-2008-4086
SQL injection vulnerability in index.php in Reciprocal Links Manager 1.1 allows remote malicious users to execute arbitrary SQL commands via the site parameter in an open action.
Source Workshop Reciprocal Links Manager 1.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »