Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-link vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3392
Cross-site request forgery (CSRF) vulnerability in Web Wiz Forum 9.5 allows remote malicious users to log out a user via a link or IMG tag to log_off_user.asp.
Webwizguide Web Wiz Forum 9.5
NA
CVE-2005-0420
Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote malicious users to redirect users to arbitrary URLs for login via a link to the owalogon.asp application.
Microsoft Exchange Server 2003
1 EDB exploit
NA
CVE-2002-1813
Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote malicious users to execute arbitrary programs by specifying the program in the href attribute of a link.
Aol Instant Messenger 4.8.2616
Aol Instant Messenger 4.8.2646
Aol Instant Messenger 5.0.2938
Aol Instant Messenger 4.7.2480
1 EDB exploit
6.5
CVSSv3
CVE-2005-1674
Cross-Site Request Forgery (CSRF) vulnerability in Help Center Live allows remote malicious users to perform actions as the administrator via a link or IMG tag to view.php.
Helpcenterlive Help Center Live -
1 EDB exploit
6.1
CVSSv3
CVE-2020-18194
Cross Site Scripting (XSS) in emlog v6.0.0 allows remote malicious users to execute arbitrary code by adding a crafted script as a link to a new blog post.
Emlog Emlog 6.0.0
6.1
CVSSv3
CVE-2018-18625
Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
Grafana Grafana 5.3.1
6.1
CVSSv3
CVE-2018-3819
The fix in Kibana for ESA-2017-23 was incomplete. With X-Pack security enabled, Kibana versions prior to 6.1.3 and 5.6.7 have an open redirect vulnerability on the login page that would enable an malicious user to craft a link that redirects to an arbitrary website.
Elastic Kibana
6.1
CVSSv3
CVE-2017-11482
The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions prior to 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an malicious user to craft a link that redirects to an arbitrary website.
Elastic Kibana 5.6.0
Elastic Kibana 5.6.2
Elastic Kibana 5.6.4
Elastic Kibana 6.0.0
Elastic Kibana 5.6.1
Elastic Kibana 5.6.3
7.5
CVSSv3
CVE-2001-1386
WFTPD 3.00 allows remote malicious users to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension.
Texasimperialsoftware Wftpd 3.00
4.3
CVSSv3
CVE-2018-18655
Prayer up to and including 1.3.5 sends a Referer header, containing a user's username, when a user clicks on a link in their email because header.t lacks a no-referrer setting.
Prayer Project Prayer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »