Vulnerabilidades en Kovah

18 resultados

CVE-2026-45344HIGHLinkAce: Setup database password newline injection enables pre-auth RCE on uninitialized instancesEPSS 0.5%CVE-2024-56508HIGHFile Upload Vulnerability Leading to XSS in LinkAce v1.15.5EPSS 0.4%CVE-2025-62720HIGHLinkAce: Data Exfiltration via Export Functions Allow Access to All Users' Private LinksEPSS 0.3%CVE-2025-62721HIGHLinkAce: Authorization Bypass Allows Unauthorized Access to All Private Links, Lists, and TagsEPSS 0.3%CVE-2025-59424HIGHLinkAce Vulnerable to Stored XSS on the Audit PageEPSS 0.3%CVE-2026-33954MEDIUMLinkAce discloses private notesto unauthorized authenticated users via the web link detail pageEPSS 0.3%CVE-2026-45343HIGHLinkAce - Stored XSS via Unsanitized SSO User's Name Rendered in Admin Audit Log Allows Session HijackingEPSS 0.3%CVE-2026-40905HIGHLinkAce: Password Reset Poisoning via X-Forwarded-Host Header Injection Leading to Account TakeoverEPSS 0.3%CVE-2024-56507MEDIUMReflected Cross-Site Scripting (XSS) Vulnerability in LinkAceEPSS 0.3%CVE-2025-62719LOWLinkAce: Limited Server-Side Request Forgery (SSRF) in Keyword Fetching FunctionalityEPSS 0.3%CVE-2026-35516MEDIUMLinkAce has SSRF via CheckLinksCommand - Link URL Update Bypasses laravel-html-meta ProtectionEPSS 0.3%CVE-2026-33953HIGHLinkAce's SSRF protection can be bypassed via internal hostname resolution in LinkAceEPSS 0.3%CVE-2025-53838HIGHLinkAce has a Stored One Click XSS vulnerabilityEPSS 0.2%CVE-2026-45342HIGHLinkAce: IDOR in Update Policies Allows Any Authenticated User to Overwrite Other Users' Links, Lists, Tags, and NotesEPSS 0.2%CVE-2026-27458HIGHLinkAce: Stored XSS in Atom Feed via CDATA Escape in List DescriptionEPSS 0.2%CVE-2026-30953HIGHLinkAce affected by SSRF via link creation: NoPrivateIpRule not applied to LinkStoreRequestEPSS 0.2%CVE-2025-62722HIGHLinkAce: Stored XSS Vulnerability in Link Title Field Through Social Media Sharing FeatureEPSS 0.2%CVE-2026-30954MEDIUMLinkAce has a Cross-User Tag/List Attachment IDOR in processTaxonomy()EPSS 0.2%