Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web links module vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-26489
A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Social block links' module of flusity-CMS v2.33 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Profile Name text field.
7.5
CVSSv3
CVE-2022-30333
RARLAB UnRAR prior to 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
Rarlab Unrar
2 Metasploit modules
4 Github repositories
1 Article
7.5
CVSSv3
CVE-2021-45034
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions < V16.20), CP-8021 MASTER MODULE (All versions < V16.20), CP-8022 MASTER MODULE WITH GPRS (All versions...
Siemens Cp-8000 Master Module With I\\/o -25\\/\\+70 Firmware
Siemens Cp-8000 Master Module With I\\/o -40\\/\\+70 Firmware
Siemens Cp-8021 Master Module Firmware
Siemens Cp-8022 Master Module With Gprs Firmware
5.3
CVSSv3
CVE-2020-6873
A ZTE product has a DoS vulnerability. Because the equipment couldn’t distinguish the attack packets and normal packets with valid http links, the remote attackers could use this vulnerability to cause the equipment WEB/TELNET module denial of service and make the equipment...
Zte Zxr10 2800-4 Almpufb\\(low\\) Firmware
7.5
CVSSv3
CVE-2019-12656
A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote malicious user to cause the IOx web server to stop processing HTTPS requests, resulting in a denial of service (DoS) condition. The vulnerability is due to a Tran...
Cisco Ios 1.8.0
Cisco Ios 1.6.0.0
Cisco Industrial Ethernet 2000 Series Firmware 15.2\\(6\\)e
Cisco Ic3000 Firmware -
Cisco Ie 4000 Firmware -
Cisco Cgr 1000 Firmware -
Cisco Ir510 Wpan Firmware -
6.1
CVSSv3
CVE-2017-18121
The consentAdmin module in SimpleSAMLphp up to and including 1.14.15 is vulnerable to a Cross-Site Scripting attack, allowing an malicious user to craft links that could execute arbitrary JavaScript code on the victim's web browser.
Simplesamlphp Simplesamlphp
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2017-5689
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged netwo...
Intel Active Management Technology Firmware 6.1
Intel Active Management Technology Firmware 6.2
Intel Active Management Technology Firmware 10.0
Intel Active Management Technology Firmware 11.0
Intel Active Management Technology Firmware 6.0
Intel Active Management Technology Firmware 9.0
Intel Active Management Technology Firmware 9.1
Intel Active Management Technology Firmware 9.5
Intel Active Management Technology Firmware 7.0
Intel Active Management Technology Firmware 7.1
Intel Active Management Technology Firmware 11.5
Intel Active Management Technology Firmware 11.6
Intel Active Management Technology Firmware 8.0
Intel Active Management Technology Firmware 8.1
1 EDB exploit
2 Metasploit modules
1 Nmap script
35 Github repositories
3 Articles
NA
CVE-2015-5497
Cross-site scripting (XSS) vulnerability in the Web Links module 6.x-2.x prior to 6.x-2.6 and 7.x-1.x prior to 7.x-1.0 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors.
Web Links Project Web Links 6.x-2.0
Web Links Project Web Links 7.x-1.0
Web Links Project Web Links 7.x-1.x
Web Links Project Web Links 6.x-2.5
Web Links Project Web Links 6.x-2.4
Web Links Project Web Links 6.x-2.2
Web Links Project Web Links 6.x-2.3
Web Links Project Web Links 6.x-2.1
NA
CVE-2014-9740
Cross-site scripting (XSS) vulnerability in the Rules Link module 7.x-1.x prior to 7.x-1.1 for Drupal allows remote authenticated users with the "administer rules links" permission to inject arbitrary web script or HTML via unspecified vectors, which are not properly ha...
Rules Link Project Rules Link 7.x-1.0
NA
CVE-2015-4388
Cross-site scripting (XSS) vulnerability in the Current Search Links module 7.x-1.x prior to 7.x-1.1 for Drupal, when the "Append the keywords passed by the user to the list" option is disabled, allows remote malicious users to inject arbitrary web script or HTML via a ...
Current Search Links Project Current Search Links 7.x-1.x-dev
Current Search Links Project Current Search Links 7.x-1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »