66biolinks

3 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-69602 CRITICAL POC Act Now

66biolinks v62.0.0 has a session fixation vulnerability where the application doesn't regenerate session IDs after authentication, enabling session hijacking.

Information Disclosure 66biolinks
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-69601 MEDIUM POC This Month

A directory traversal (Zip Slip) vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. [CVSS 6.5 MEDIUM]

Path Traversal 66biolinks
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-66939 MEDIUM POC This Month

Cross Site Scripting vulnerability in 66biolinks by AltumCode v.61.0.1 allows an attacker to execute arbitrary code via a crafted favicon file [CVSS 5.4 MEDIUM]

XSS 66biolinks
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-69602
EPSS 0% CVSS 9.1
CRITICAL POC Act Now

66biolinks v62.0.0 has a session fixation vulnerability where the application doesn't regenerate session IDs after authentication, enabling session hijacking.

Information Disclosure 66biolinks
NVD GitHub
CVE-2025-69601
EPSS 0% CVSS 6.5
MEDIUM POC This Month

A directory traversal (Zip Slip) vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. [CVSS 6.5 MEDIUM]

Path Traversal 66biolinks
NVD GitHub
CVE-2025-66939
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting vulnerability in 66biolinks by AltumCode v.61.0.1 allows an attacker to execute arbitrary code via a crafted favicon file [CVSS 5.4 MEDIUM]

XSS 66biolinks
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy