This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
Detail | |||
---|---|---|---|
Vendor | K-78 | First view | 2019-10-07 |
Product | Broken Link Manager | Last view | 2019-10-10 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:a:k-78:broken_link_manager:0.4.5:*:*:*:*:wordpress:*:* | 3 |
cpe:2.3:a:k-78:broken_link_manager:*:*:*:*:*:wordpress:*:* | 2 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
6.1 | 2019-10-10 | CVE-2015-9468 | The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action. |
9.8 | 2019-10-10 | CVE-2015-9467 | The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL injection via the url parameter. |
6.1 | 2019-10-07 | CVE-2015-9453 | The broken-link-manager plugin before 0.6.0 for WordPress has XSS via the HTTP Referer or User-Agent header to a URL that does not exist. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
66% (2) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
33% (1) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |