Gonafish Linkscaffe vulnerabilities
3 known vulnerabilities affecting gonafish/linkscaffe.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2006-3884P3HIGHCVSS 7.5PoCv3.02006-07-27
CVE-2006-3884 [HIGH] CVE-2006-3884: Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attacker
Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE: this issue can also be used for path disclosure by a forced SQL error, or to modify P
nvd
CVE-2006-3883P4MEDIUMCVSS 4.3PoCv3.02006-07-27
CVE-2006-3883 [MEDIUM] CVE-2006-3883: Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attacker
Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php.
nvd
CVE-2006-3932P4MEDIUMCVSS 5.1v3.02006-07-31
CVE-2006-3932 [MEDIUM] CVE-2006-3932: SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execu
SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
nvd