VYPR

Linkscaffe

by Gonafish

CVEs (5)

  • CVE-2008-4202Sep 24, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in Gonafish LinksCaffePRO 4.5 allows remote attackers to execute arbitrary SQL commands via the idd parameter in a deadlink action.

  • CVE-2006-3883Jul 27, 2006
    risk 0.03cvss epss 0.05

    Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor,…

  • CVE-2006-3884Jul 27, 2006
    risk 0.03cvss epss 0.04

    Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE:…

  • CVE-2006-4462Aug 31, 2006
    risk 0.00cvss epss 0.02

    Gonafish.com LinksCaffe 2.0 and 3.0 do not properly restrict access to administrator functions, which allows remote attackers to gain full administration rights via a direct request to Admin/admin1953.php.

  • CVE-2006-3932Jul 31, 2006
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.