8 results (0.011 seconds)

CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0

ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation. ELinks 0.12 y Twibright Links 2.3 tienen una falta de validación de certificados SSL. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694658 https://bugzilla.redhat.com/show_bug.cgi?id=881399 • CWE-295: Improper Certificate Validation •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

Integer overflow in Links before 2.8 allows remote attackers to cause a denial of service (crash) via crafted HTML tables. Desbordamiento de enteros en Links anterior a la versión 2.8 permite a atacantes remotos provocar una denegación de servicio (caída) a través de tablas HTML. • http://links.twibright.com/download/ChangeLog http://www.debian.org/security/2013/dsa-2807 • CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 0%CPEs: 92EXPL: 0

Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs." Vulnerabilidad no especificada en Links anterior a 2.1, cuando la opción "only proxies" (solo proxies) está activada, tiene un impacto y vectores de ataques desconocidos relacionado con que proporciona "URLs a programas externos". • http://links.twibright.com/download/ChangeLog http://www.securityfocus.com/bid/30422 https://exchange.xforce.ibmcloud.com/vulnerabilities/44035 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 2

admin/index.php in Maian Links 3.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary links_cookie cookie. admin/index.php de Maian Links 3.1 y anteriores, permite a atacantes remotos evitar la autenticación y obtener acceso como administrador enviando una cookie links_cookie de su elección. • https://www.exploit-db.com/exploits/6062 http://secunia.com/advisories/31068 http://www.maianscriptworld.co.uk/free-php-scripts/maian-links/development/index.html http://www.maianscriptworld.co.uk/news.html http://www.securityfocus.com/bid/30205 https://exchange.xforce.ibmcloud.com/vulnerabilities/43749 • CWE-287: Improper Authentication •

CVSS: 7.5EPSS: 84%CPEs: 2EXPL: 2

Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements. Los navegadores web Links 1.00pre12 y Elinks 0.9.2 con smbclient instalado permite a atacantes remotos ejecutar código arbitrario a través de metacaracteres del shell en un smb:// URI, como se ha demostrado mediante el uso de las sentencias PUT y GET. • https://www.exploit-db.com/exploits/29033 https://www.exploit-db.com/exploits/2784 http://bugzilla.elinks.cz/show_bug.cgi?id=841 http://marc.info/?l=full-disclosure&m=116355556512780&w=2 http://secunia.com/advisories/22905 http://secunia.com/advisories/22920 http://secunia.com/advisories/22923 http://secunia.com/advisories/23022 http://secunia.com/advisories/23132 http://secunia.com/advisories/23188 http://secunia.com/advisories/23234 http://secunia.com/advisories&#x •