Vulnerabilities > PHP WEB Scripts > Link UP Gold
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-14 | CVE-2005-4231 | Input Validation vulnerability in Link Up Gold Cross-site scripting (XSS) vulnerability in Link Up Gold 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) link parameter to tell_friend.php, (2) phrase[] parameter to search.php in a search_links_advanced action, and the (3) direction or (4) sort parameter to articles.php. network php-web-scripts | 4.3 |
2005-12-14 | CVE-2005-4230 | Input Validation vulnerability in Link Up Gold SQL injection vulnerability in poll.php in Link Up Gold 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the number parameter. | 7.5 |