CVE-2024-35451
LinkStack 2.7.9 through 4.7.7 allows resources\views\components\favicon.blade.php link SSRF...
CVE-2024-35451
CVE-2024-35451 affects LinkStack versions 2.7.9–4.7.7. A server-side request forgery vulnerability exists in resources/views/components/favicon.blade.php, enabling SSRF via a crafted link. Documented impact includes risk of local network access; no exploit details are provided in the sources. Rem...
LinkStack Security Vulnerability
LinkStack is a unique platform from LinkStack Open Source that provides an efficient solution for managing and sharing links online. A security vulnerability exists in LinkStack versions 2.7.9 through 4.7.7 that stems from a server-side request forgery (SSRF) vulnerability in the...
PT-2024-26507 · Linkstack · Linkstack
Name of the Vulnerable Software and Affected Versions: LinkStack versions 2.7.9 through 4.7.7. Description: The issue is a Server-Side Request Forgery (SSRF) vulnerability. It affects the resources\views\components\favicon.blade.php file, allowing SSRF through a link. This vulnerability poses a...
CVE-2023-5838
Insufficient Session Expiration in GitHub repository linkstackorg/linkstack prior to v4.2.9...
CVE-2023-5840 Weak Password Recovery Mechanism for Forgotten Password in linkstackorg/linkstack
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9...
CVE-2023-5838 Insufficient Session Expiration in linkstackorg/linkstack
Insufficient Session Expiration in GitHub repository linkstackorg/linkstack prior to v4.2.9...
CVE-2023-5838
CVE-2023-5838 describes an issue in LinkStack before version 4.2.9 where sessions are not expired after a password change. The vulnerability affects the LinkStack repository on GitHub (linkstackorg/linkstack) and is caused by insufficient session expiration, leading to potential continued use of ...
PT-2023-32370 · Linkstack · Linkstack
Name of the Vulnerable Software and Affected Versions: linkstack versions prior to 4.2.9. Description: The issue is related to insufficient session expiration. Recommendations: For versions prior to 4.2.9, update to version 4.2.9 or later to resolve the issue...
PT-2023-32372 · Linkstack · Linkstack
Name of the Vulnerable Software and Affected Versions: linkstack versions prior to 4.2.9. Description: The issue concerns a weak password recovery mechanism for forgotten passwords. Recommendations: For versions prior to 4.2.9, update to version 4.2.9 or later to resolve the issue...
LinkStack Authorization Issues Vulnerability
LinkStack is a unique platform from LinkStack Open Source that provides an efficient solution for managing and sharing links online. An authorization issue vulnerability exists in versions prior to LinkStack v4.2.9 that stems from a weak password recovery mechanism for forgotten...
LinkStack Code Issues Vulnerabilities
LinkStack is a unique platform from LinkStack Open Source that provides an efficient solution for managing and sharing links online. A code issue vulnerability exists in versions prior to LinkStack v4.2.9 that stems from an insufficient setting of the session expiration time after a password chan...
Password Reset link hijacking via Host Header Poisoning
Description: LinkStack uses the Host header when sending out password reset links. This allows an attacker to insert a malicious Host header, leading to password reset link / token leakage. Tested on a default Docker Compose installation of LinkStack https://github.com/LinkStackOrg/linkstack-docke...