📦

links

Vendor: twibright_labs

Actively Exploited 0 CISA KEV List

PoC / Exploits 6 Code Available

Total RCEs 2 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 5.72% Exploit Prob.

Latest CVE CVE-2012-6709 Feb 23

Security Vulnerability Index

Page 1 / 1

5.9 CVSS

CVE-2012-6709

ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation.

EPSS: 0.19%

Severity: MEDIUM

Feb 23, 2018

5.5 CVSS

CVE-2017-11114

The put_chars function in html_r.c in Twibright Links 2.14 allows remote attackers to cause a denial of service (buffer over-read) via a crafted HTML file.

EPSS: 0.40%

Severity: MEDIUM

Jul 31, 2017

4.3 CVSS

CVE-2013-6050

Integer overflow in Links before 2.8 allows remote attackers to cause a denial of service (crash) via crafted HTML tables.

EPSS: 0.38%

Severity: MEDIUM

Dec 07, 2013

7.5 CVSS

CVE-2010-4006

Exploit Found

Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.

EPSS: 1.38%

Severity: HIGH

Nov 03, 2010

7.5 CVSS

CVE-2008-6032

Exploit Found

SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote attackers to execute arbitrary SQL commands via the id parameter.

EPSS: 0.41%

Severity: HIGH

Feb 03, 2009

6.8 CVSS

CVE-2008-3555

Exploit Found

Directory traversal vulnerability in index.php in (1) WSN Forum 4.1.43 and earlier, (2) Gallery 4.1.30 and earlier, (3) Knowledge Base (WSNKB) 4.1.36 and earlier, (4) Links 4.1.44 and earlier, and possibly (5) Classifieds before 4.1.30 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the TID parameter, as demonstrated by uploading a .jpg file containing PHP sequences.

EPSS: 3.29%

Severity: MEDIUM

Aug 08, 2008

9.3 CVSS

CVE-2008-3329

Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs."

EPSS: 0.18%

Severity: HIGH

Jul 27, 2008

7.5 CVSS

CVE-2008-3319

Exploit Found

admin/index.php in Maian Links 3.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary links_cookie cookie.

EPSS: 8.97%

Severity: HIGH

Jul 25, 2008

7.5 CVSS

CVE-2006-5925

RCE Exploit Found

Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements.

EPSS: 33.21%

Severity: HIGH

Nov 15, 2006

5.0 CVSS

CVE-2004-1616

Links allows remote attackers to cause a denial of service (memory consumption) via a web page or HTML email that contains a table with a td element and a large rowspan value,as demonstrated by mangleme.

EPSS: 1.30%

Severity: MEDIUM

Oct 18, 2004

Displaying 10 of 1 Total Entries

Total 1 Sections