Vulnerabilities > Gonafish > Linkscaffe
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-07-31 | CVE-2006-3932 | SQL-Injection vulnerability in Gonafish Linkscaffe 3.0 SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | 5.1 |
2006-07-27 | CVE-2006-3884 | Input Validation vulnerability in Gonafish Linkscaffe 3.0 Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. | 7.5 |
2006-07-27 | CVE-2006-3883 | Input Validation vulnerability in Gonafish Linkscaffe 3.0 Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php. network gonafish | 4.3 |