Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-link vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0262
Stack-based buffer overflow in The Palace 3.5 and previous versions client allows remote malicious users to execute arbitrary code via a link to a palace:// url followed by a long server address string.
The Palace The Palace Client 3.5
NA
CVE-2001-0314
Buffer overflow in www.tol module in America Online (AOL) 5.0 may allow remote malicious users to cause a denial of service, and possibly execute arbitrary commands, via a long URL in a link.
Aol Aol Server 5.0
6.1
CVSSv3
CVE-2018-11093
Cross-site scripting (XSS) vulnerability in the Link package for CKEditor 5 prior to 10.0.1 allows remote malicious users to inject arbitrary web script through a crafted href attribute of a link (A) element.
Ckeditor Ckeditor 5-link
4.3
CVSSv3
CVE-2019-3851
A vulnerability was found in moodle prior to 3.6.3 and 3.5.5. There was a link to site home within the the Boost theme's secure layout, meaning students could navigate out of the page.
Moodle Moodle
Fedoraproject Fedora -
5.4
CVSSv3
CVE-2020-5266
In the ps_link module for PrestaShop before version 3.1.0, there is a stored XSS when you create or edit a link list block with the title field. The problem is fixed in 3.1.0
Prestashop Prestashop Link
2.7
CVSSv3
CVE-2018-10423
mc-admin/post.php in MiniCMS 1.10 allows remote malicious users to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article.
1234n Minicms 1.10
NA
CVE-2002-2013
Mozilla 0.9.6 and previous versions and Netscape 6.2 and previous versions allows remote malicious users to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
Mozilla Mozilla 0.9.2
Mozilla Mozilla 0.9.2.1
Netscape Communicator 4.6
Netscape Communicator 4.61
Netscape Communicator 4.7
Netscape Communicator 4.72
Netscape Communicator 4.0
Netscape Communicator 4.06
Netscape Communicator 4.07
Netscape Communicator 4.08
Netscape Communicator 4.77
Netscape Communicator 4.78
Netscape Navigator 4.77
Netscape Navigator 6.0
Mozilla Mozilla 0.9.4
Mozilla Mozilla 0.9.5
Netscape Communicator 4.5
Netscape Communicator 4.51
Netscape Communicator 4.73
Netscape Communicator 4.75
Netscape Navigator 6.1
Mozilla Mozilla 0.9.3
NA
CVE-2004-2260
Opera Browser 7.23, and other versions prior to 7.50, updates the address bar as soon as the user clicks a link, which allows remote malicious users to redirect to other sites via the onUnload attribute.
Opera Opera Browser
NA
CVE-2006-2495
Cross-site request forgery (CSRF) vulnerability in the Entry Manager in Serendipity prior to 1.0-beta3 allows remote malicious users to perform unauthorized actions as a logged-in user via a link or IMG tag.
S9y Serendipity 0.7
S9y Serendipity 0.7.1
S9y Serendipity 0.9.1
S9y Serendipity 1.0 Beta1
S9y Serendipity 0.3
S9y Serendipity 0.4
S9y Serendipity 0.8
S9y Serendipity 0.8.1
S9y Serendipity 1.0 Beta2
S9y Serendipity 0.6
S9y Serendipity 0.6 Pl3
S9y Serendipity 0.8.4
S9y Serendipity 0.8.5
S9y Serendipity 0.9
S9y Serendipity 0.5
S9y Serendipity 0.5 Pl1
S9y Serendipity 0.8.2
S9y Serendipity 0.8.3
8.8
CVSSv3
CVE-2020-14025
Ozeki NG SMS Gateway up to and including 4.17.6 has multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as installing new modules or changing a password.
Ozeki Ozeki Ng Sms Gateway
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »