Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Web Links Security Vulnerabilities

cve
cve

CVE-2022-23173

this vulnerability affect user that even not allowed to access via the web interface. First of all, the attacker needs to access the "Login menu - demo site" then he can see in this menu all the functionality of the application. If the attacker will try to click on one of the links, he will get an....

6.3CVSS

6.3AI Score

0.001EPSS

2022-07-06 02:15 PM
34
5
cve
cve

CVE-2018-20436

The "secret chat" feature in Telegram 4.9.1 for Android has a "side channel" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent. There are also GET requests to other URLs on the same web server. This also affects one or more.....

8.1CVSS

7.8AI Score

0.009EPSS

2018-12-24 08:29 PM
81
cve
cve

CVE-2018-0940

Microsoft Exchange Outlook Web Access (OWA) in Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013 Cumulative Update 18, Microsoft Exchange Server 2013 Cumulative Update 19, Microsoft Exchange Server 2013 Service Pack 1, Microsoft Exchange Server 2016...

6.5CVSS

6.5AI Score

0.003EPSS

2018-03-14 05:29 PM
62
cve
cve

CVE-2015-5497

Cross-site scripting (XSS) vulnerability in the Web Links module 6.x-2.x before 6.x-2.6 and 7.x-1.x before 7.x-1.0 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified...

5.5AI Score

0.001EPSS

2015-08-18 05:59 PM
20
cve
cve

CVE-2010-5083

SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the url parameter in an Add action to...

8.7AI Score

0.001EPSS

2012-02-14 08:55 PM
20
cve
cve

CVE-2008-0879

SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink...

8.4AI Score

0.001EPSS

2008-02-21 07:44 PM
16
cve
cve

CVE-2007-5598

Cross-site scripting (XSS) vulnerability in Weblinks for Drupal 4.7.x before 4.7.x-1.0 and 5.x before 5.x-1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified...

5.8AI Score

0.002EPSS

2007-10-19 11:17 PM
19
cve
cve

CVE-2006-6645

PHP remote file inclusion vulnerability in language/lang_english/lang_admin.php in the Web Links (mx_links) 2.05 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path...

7.9AI Score

0.039EPSS

2006-12-20 02:28 AM
19
cve
cve

CVE-2001-0898

Opera 6.0 and earlier allows remote attackers to access sensitive information such as cookies and links for other domains via Javascript that uses setTimeout to (1) access data after a new window to the domain has been opened or (2) access data via...

6.8AI Score

0.02EPSS

2002-02-02 05:00 AM
27