Notify Technology Notifylink — known CVE vulnerabilities
Every CVE whose affected-product data names Notify Technology Notifylink, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2005-0809 — CVSS 7.5 (high): NotifyLink, when configured for client key retrieval, allows remote attackers to obtain AES keys via a direct request to /hwp/get.asp, then…
CVE-2005-0810 — CVSS 7.5 (high): SQL injection vulnerability in NotifyLink before 3.0 allows remote attackers to execute arbitrary SQL commands via the URL.
CVE-2005-0812 — CVSS 5.0 (medium): The web interface in NotifyLink 3.0 displays passwords in cleartext on the administrative page, which could allow remote attackers or local…
CVE-2005-0811 — CVSS 4.6 (medium): The web interface in NotifyLink 3.0 does not properly restrict access to functions that have been disabled in the GUI, which allows remote…