Vulnerabilities > CVE-2006-3883 - Input Validation vulnerability in Gonafish Linkscaffe 3.0

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

gonafish

exploit available

NVD

Published: 2006-07-27

Updated: 2018-10-17

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php.

Vulnerable Configurations

Part	Description	Count
Application	Gonafish Gonafish Linkscaffe 3.0	1

Exploit-Db

description	LinksCaffe 3.0 links.php newdays Parameter XSS. CVE-2006-3883. Webapps exploit for php platform
id	EDB-ID:28269
last seen	2016-02-03
modified	2006-07-25
published	2006-07-25
reporter	simo64
source	https://www.exploit-db.com/download/28269/
title	LinksCaffe 3.0 links.php newdays Parameter XSS

description	LinksCaffe 3.0 counter.php tablewidth Parameter XSS. CVE-2006-3883. Webapps exploit for php platform
id	EDB-ID:28268
last seen	2016-02-03
modified	2006-07-25
published	2006-07-25
reporter	simo64
source	https://www.exploit-db.com/download/28268/
title	LinksCaffe 3.0 counter.php tablewidth Parameter XSS

description	LinksCaffe 3.0 menu.inc.php Multiple Parameter XSS. CVE-2006-3883. Webapps exploit for php platform
id	EDB-ID:28270
last seen	2016-02-03
modified	2006-07-25
published	2006-07-25
reporter	simo64
source	https://www.exploit-db.com/download/28270/
title	LinksCaffe 3.0 menu.inc.php Multiple Parameter XSS

Summary

Vulnerable Configurations

Exploit-Db

References