Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anchor vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-9495
The syndication-links plugin prior to 1.0.3 for WordPress has XSS via the genericons/example.html anchor identifier.
Syndication Links Project Syndication Links
383
VMScore
CVE-2015-9494
The indieweb-post-kinds plugin prior to 1.3.1.1 for WordPress has XSS via the genericons/example.html anchor identifier.
Indieweb Post Kinds Project Indieweb Post Kinds
312
VMScore
CVE-2022-1330
stored xss due to unsantized anchor url in GitHub repository alvarotrigo/fullpage.js before 4.0.4. stored xss .
Fullpage Project Fullpage
383
VMScore
CVE-2015-9500
The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has XSS via the anchor identifier to assets/js/jquery.foundation.plugins.js.
Exquisite Ultimate Newspaper Project Exquisite Ultimate Newspaper 1.3.3
312
VMScore
CVE-2021-24470
The Yada Wiki WordPress plugin prior to 3.4.1 did not sanitise, validate or escape the anchor attribute of its shortcode, leading to a Stored Cross-Site Scripting issue
Yada Wiki Project Yada Wiki
NA
CVE-2023-30792
Anchor tag hrefs in Lexical prior to v0.10.0 would render javascript: URLs, allowing for cross-site scripting on link clicks in cases where input was being parsed from untrusted sources.
Facebook Lexical
383
VMScore
CVE-2008-6283
Cross-site scripting (XSS) vulnerability in Subtext 2.0 allows remote malicious users to inject arbitrary web script or HTML via a comment, related to "the feature which converts URLs to anchor tags."
Subtextproject Subtext 2.0
445
VMScore
CVE-2008-1184
The DNSSEC validation library (libval) library in dnssec-tools prior to 1.3.1 does not properly check that the signing key is the APEX trust anchor, which might allow malicious users to conduct unspecified attacks.
Dnssec-tools Dnssec-tools
383
VMScore
CVE-2007-5443
Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1.1.3.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to (1) the anchor tag and (2) listtags.
Cmsmadesimple Cms Made Simple 1.1.3.1
470
VMScore
CVE-2017-12373
A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote malicious user to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) att...
Cisco Adaptive Security Appliance 5505 Firmware -
Cisco Adaptive Security Appliance 5510 Firmware -
Cisco Adaptive Security Appliance 5520 Firmware -
Cisco Adaptive Security Appliance 5540 Firmware -
Cisco Adaptive Security Appliance 5550 Firmware -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »