Weblinks
by Allomani
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-7247 | 0.03 | — | 0.00 | Sep 6, 2012 | SQL injection vulnerability in the Weblinks (com_weblinks) component for Joomla! and Mambo 1.0.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter. | |||
| CVE-2010-2679 | 0.03 | — | 0.00 | Jul 8, 2010 | SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | |||
| CVE-2006-3262 | 0.03 | — | 0.04 | Jun 27, 2006 | SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter. | |||
| CVE-2014-8593 | 0.00 | — | 0.00 | Nov 4, 2014 | Multiple cross-site scripting (XSS) vulnerabilities in Allomani Weblinks 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) default URI to admin.php or the (2) id parameter to admin.php or (3) go.php. | |||
| CVE-2014-8766 | 0.00 | — | 0.00 | Oct 14, 2014 | Multiple SQL injection vulnerabilities in Allomani Weblinks 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter in a browse action to index.php or (2) unspecified parameters to admin.php. | |||
| CVE-2007-5598 | 0.00 | — | 0.01 | Oct 19, 2007 | Cross-site scripting (XSS) vulnerability in Weblinks for Drupal 4.7.x before 4.7.x-1.0 and 5.x before 5.x-1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2007-0377 | 0.00 | — | 0.01 | Jan 19, 2007 | Multiple SQL injection vulnerabilities in Xoops 2.0.16 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in kernel/group.php in core, (2) the lid parameter in class/table_broken.php in the Weblinks module, and other unspecified vectors. | |||
| CVE-2007-0387 | 0.00 | — | 0.00 | Jan 19, 2007 | SQL injection vulnerability in models/category.php in the Weblinks component for Joomla! SVN 20070118 (com_weblinks) allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||
| CVE-2006-3263 | 0.00 | — | 0.01 | Jun 27, 2006 | SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||
| CVE-2004-2019 | 0.00 | — | 0.00 | Dec 31, 2004 | The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which displays the full path in a PHP error message. |
- CVE-2006-7247Sep 6, 2012risk 0.03cvss —epss 0.00
SQL injection vulnerability in the Weblinks (com_weblinks) component for Joomla! and Mambo 1.0.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
- CVE-2010-2679Jul 8, 2010risk 0.03cvss —epss 0.00
SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
- CVE-2006-3262Jun 27, 2006risk 0.03cvss —epss 0.04
SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
- CVE-2014-8593Nov 4, 2014risk 0.00cvss —epss 0.00
Multiple cross-site scripting (XSS) vulnerabilities in Allomani Weblinks 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) default URI to admin.php or the (2) id parameter to admin.php or (3) go.php.
- CVE-2014-8766Oct 14, 2014risk 0.00cvss —epss 0.00
Multiple SQL injection vulnerabilities in Allomani Weblinks 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter in a browse action to index.php or (2) unspecified parameters to admin.php.
- CVE-2007-5598Oct 19, 2007risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Weblinks for Drupal 4.7.x before 4.7.x-1.0 and 5.x before 5.x-1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2007-0377Jan 19, 2007risk 0.00cvss —epss 0.01
Multiple SQL injection vulnerabilities in Xoops 2.0.16 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in kernel/group.php in core, (2) the lid parameter in class/table_broken.php in the Weblinks module, and other unspecified vectors.
- CVE-2007-0387Jan 19, 2007risk 0.00cvss —epss 0.00
SQL injection vulnerability in models/category.php in the Weblinks component for Joomla! SVN 20070118 (com_weblinks) allows remote attackers to execute arbitrary SQL commands via the catid parameter.
- CVE-2006-3263Jun 27, 2006risk 0.00cvss —epss 0.01
SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter.
- CVE-2004-2019Dec 31, 2004risk 0.00cvss —epss 0.00
The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which displays the full path in a PHP error message.