Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-link vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0420
Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote malicious users to redirect users to arbitrary URLs for login via a link to the owalogon.asp application.
Microsoft Exchange Server 2003
1 EDB exploit
NA
CVE-2002-1813
Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote malicious users to execute arbitrary programs by specifying the program in the href attribute of a link.
Aol Instant Messenger 4.8.2616
Aol Instant Messenger 4.8.2646
Aol Instant Messenger 5.0.2938
Aol Instant Messenger 4.7.2480
1 EDB exploit
6.5
CVSSv3
CVE-2005-1674
Cross-Site Request Forgery (CSRF) vulnerability in Help Center Live allows remote malicious users to perform actions as the administrator via a link or IMG tag to view.php.
Helpcenterlive Help Center Live -
1 EDB exploit
NA
CVE-2004-1889
Unknown vulnerability in ftpd in SGI IRIX 6.5.20 up to and including 6.5.23 allows remote malicious users to cause a denial of service (hang) via a link failure with Microsoft Windows.
Sgi Irix 6.5.21m
Sgi Irix 6.5.22
Sgi Irix 6.5.20
Sgi Irix 6.5.20f
Sgi Irix 6.5.23
Sgi Irix 6.5.20m
Sgi Irix 6.5.21
Sgi Irix 6.5.21f
NA
CVE-2015-1370
Incomplete blacklist vulnerability in marked 0.3.2 and previous versions for Node.js allows remote malicious users to conduct cross-site scripting (XSS) attacks via a vbscript tag in a link.
Marked Project Marked
6.1
CVSSv3
CVE-2020-18194
Cross Site Scripting (XSS) in emlog v6.0.0 allows remote malicious users to execute arbitrary code by adding a crafted script as a link to a new blog post.
Emlog Emlog 6.0.0
6.1
CVSSv3
CVE-2017-11482
The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions prior to 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an malicious user to craft a link that redirects to an arbitrary website.
Elastic Kibana 5.6.0
Elastic Kibana 5.6.2
Elastic Kibana 5.6.4
Elastic Kibana 6.0.0
Elastic Kibana 5.6.1
Elastic Kibana 5.6.3
6.1
CVSSv3
CVE-2018-3819
The fix in Kibana for ESA-2017-23 was incomplete. With X-Pack security enabled, Kibana versions prior to 6.1.3 and 5.6.7 have an open redirect vulnerability on the login page that would enable an malicious user to craft a link that redirects to an arbitrary website.
Elastic Kibana
4.3
CVSSv3
CVE-2018-18655
Prayer up to and including 1.3.5 sends a Referer header, containing a user's username, when a user clicks on a link in their email because header.t lacks a no-referrer setting.
Prayer Project Prayer
7.5
CVSSv3
CVE-2001-1386
WFTPD 3.00 allows remote malicious users to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension.
Texasimperialsoftware Wftpd 3.00
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »