Particle Soft » Particle Links : Security Vulnerabilities, CVEs,
Partial Links 1.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) page_footer.php and (2) page_header.php, which displays the path in an error message.
Max CVSS
5.0
EPSS Score
0.69%
Published
2006-06-08
Updated
2018-10-18
SQL injection vulnerability in index.php in Partial Links 1.2.2 allows remote attackers to execute arbitrary SQL commands via the topic parameter.
Max CVSS
7.5
EPSS Score
0.33%
Published
2006-06-08
Updated
2018-10-18
Cross-site scripting (XSS) vulnerability in admin.php in Particle Links 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
Max CVSS
2.6
EPSS Score
0.68%
Published
2006-06-08
Updated
2018-10-18
Directory traversal vulnerability in Particle Links 1.2.2 might allow remote attackers to access arbitrary files via ".." sequences in an HTTP request. NOTE: it is not clear whether this issue is legitimate, as the original researcher seems unsure.
Max CVSS
5.0
EPSS Score
0.34%
Published
2006-06-08
Updated
2018-10-18
4 vulnerabilities found