Search
Find a vulnerability
Search criteria
6 vulnerabilities found for linkscaffe by gonafish
CVE-2006-3932 (GCVE-0-2006-3932)
Vulnerability from nvd – Published: 2006-07-31 21:00 – Updated: 2024-08-07 18:48
VLAI
Summary
SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/21212 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/2983 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21212",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21212"
},
{
"name": "ADV-2006-2983",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "linkscaffe-links-sql-injection(27961)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27961"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21212",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21212"
},
{
"name": "ADV-2006-2983",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "linkscaffe-links-sql-injection(27961)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27961"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3932",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21212",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21212"
},
{
"name": "ADV-2006-2983",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "linkscaffe-links-sql-injection(27961)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27961"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3932",
"datePublished": "2006-07-31T21:00:00.000Z",
"dateReserved": "2006-07-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3884 (GCVE-0-2006-3884)
Vulnerability from nvd – Published: 2006-07-27 00:00 – Updated: 2024-08-07 18:48
VLAI
Summary
Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE: this issue can also be used for path disclosure by a forced SQL error, or to modify PHP files using OUTFILE.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/19149 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/27518 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/21212 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/2983 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/441087/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1287 | third-party-advisoryx_refsource_SREASON |
| http://securitytracker.com/id?1016584 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-07-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "linkscaffe-links-path-disclosure(27962)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27962"
},
{
"name": "19149",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19149"
},
{
"name": "27518",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27518"
},
{
"name": "21212",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21212"
},
{
"name": "ADV-2006-2983",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "20060725 LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441087/100/0/threaded"
},
{
"name": "1287",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1287"
},
{
"name": "1016584",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016584"
},
{
"name": "linkscaffe-links-sql-injection(27961)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27961"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE: this issue can also be used for path disclosure by a forced SQL error, or to modify PHP files using OUTFILE."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "linkscaffe-links-path-disclosure(27962)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27962"
},
{
"name": "19149",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19149"
},
{
"name": "27518",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27518"
},
{
"name": "21212",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21212"
},
{
"name": "ADV-2006-2983",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "20060725 LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441087/100/0/threaded"
},
{
"name": "1287",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1287"
},
{
"name": "1016584",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016584"
},
{
"name": "linkscaffe-links-sql-injection(27961)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27961"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE: this issue can also be used for path disclosure by a forced SQL error, or to modify PHP files using OUTFILE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "linkscaffe-links-path-disclosure(27962)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27962"
},
{
"name": "19149",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19149"
},
{
"name": "27518",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27518"
},
{
"name": "21212",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21212"
},
{
"name": "ADV-2006-2983",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "20060725 LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441087/100/0/threaded"
},
{
"name": "1287",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1287"
},
{
"name": "1016584",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016584"
},
{
"name": "linkscaffe-links-sql-injection(27961)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27961"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3884",
"datePublished": "2006-07-27T00:00:00.000Z",
"dateReserved": "2006-07-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3883 (GCVE-0-2006-3883)
Vulnerability from nvd – Published: 2006-07-27 00:00 – Updated: 2024-08-07 18:48
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/19149 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/21212 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/27520 | vdb-entryx_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2006/2983 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/441087/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/27521 | vdb-entryx_refsource_OSVDB |
| http://securityreason.com/securityalert/1287 | third-party-advisoryx_refsource_SREASON |
| http://securitytracker.com/id?1016584 | vdb-entryx_refsource_SECTRACK |
| http://www.osvdb.org/27519 | vdb-entryx_refsource_OSVDB |
Date Public
2006-07-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19149",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19149"
},
{
"name": "21212",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21212"
},
{
"name": "27520",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27520"
},
{
"name": "ADV-2006-2983",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "linkscaffe-multiple-xss(27960)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27960"
},
{
"name": "20060725 LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441087/100/0/threaded"
},
{
"name": "27521",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27521"
},
{
"name": "1287",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1287"
},
{
"name": "1016584",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016584"
},
{
"name": "27519",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27519"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19149",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19149"
},
{
"name": "21212",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21212"
},
{
"name": "27520",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27520"
},
{
"name": "ADV-2006-2983",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "linkscaffe-multiple-xss(27960)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27960"
},
{
"name": "20060725 LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441087/100/0/threaded"
},
{
"name": "27521",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27521"
},
{
"name": "1287",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1287"
},
{
"name": "1016584",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016584"
},
{
"name": "27519",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27519"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3883",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19149",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19149"
},
{
"name": "21212",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21212"
},
{
"name": "27520",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27520"
},
{
"name": "ADV-2006-2983",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "linkscaffe-multiple-xss(27960)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27960"
},
{
"name": "20060725 LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441087/100/0/threaded"
},
{
"name": "27521",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27521"
},
{
"name": "1287",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1287"
},
{
"name": "1016584",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016584"
},
{
"name": "27519",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27519"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3883",
"datePublished": "2006-07-27T00:00:00.000Z",
"dateReserved": "2006-07-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3932 (GCVE-0-2006-3932)
Vulnerability from cvelistv5 – Published: 2006-07-31 21:00 – Updated: 2024-08-07 18:48
VLAI
Summary
SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/21212 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/2983 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21212",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21212"
},
{
"name": "ADV-2006-2983",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "linkscaffe-links-sql-injection(27961)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27961"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21212",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21212"
},
{
"name": "ADV-2006-2983",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "linkscaffe-links-sql-injection(27961)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27961"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3932",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21212",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21212"
},
{
"name": "ADV-2006-2983",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "linkscaffe-links-sql-injection(27961)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27961"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3932",
"datePublished": "2006-07-31T21:00:00.000Z",
"dateReserved": "2006-07-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3884 (GCVE-0-2006-3884)
Vulnerability from cvelistv5 – Published: 2006-07-27 00:00 – Updated: 2024-08-07 18:48
VLAI
Summary
Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE: this issue can also be used for path disclosure by a forced SQL error, or to modify PHP files using OUTFILE.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/19149 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/27518 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/21212 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/2983 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/441087/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1287 | third-party-advisoryx_refsource_SREASON |
| http://securitytracker.com/id?1016584 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-07-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "linkscaffe-links-path-disclosure(27962)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27962"
},
{
"name": "19149",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19149"
},
{
"name": "27518",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27518"
},
{
"name": "21212",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21212"
},
{
"name": "ADV-2006-2983",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "20060725 LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441087/100/0/threaded"
},
{
"name": "1287",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1287"
},
{
"name": "1016584",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016584"
},
{
"name": "linkscaffe-links-sql-injection(27961)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27961"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE: this issue can also be used for path disclosure by a forced SQL error, or to modify PHP files using OUTFILE."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "linkscaffe-links-path-disclosure(27962)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27962"
},
{
"name": "19149",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19149"
},
{
"name": "27518",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27518"
},
{
"name": "21212",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21212"
},
{
"name": "ADV-2006-2983",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "20060725 LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441087/100/0/threaded"
},
{
"name": "1287",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1287"
},
{
"name": "1016584",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016584"
},
{
"name": "linkscaffe-links-sql-injection(27961)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27961"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE: this issue can also be used for path disclosure by a forced SQL error, or to modify PHP files using OUTFILE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "linkscaffe-links-path-disclosure(27962)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27962"
},
{
"name": "19149",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19149"
},
{
"name": "27518",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27518"
},
{
"name": "21212",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21212"
},
{
"name": "ADV-2006-2983",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "20060725 LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441087/100/0/threaded"
},
{
"name": "1287",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1287"
},
{
"name": "1016584",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016584"
},
{
"name": "linkscaffe-links-sql-injection(27961)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27961"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3884",
"datePublished": "2006-07-27T00:00:00.000Z",
"dateReserved": "2006-07-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3883 (GCVE-0-2006-3883)
Vulnerability from cvelistv5 – Published: 2006-07-27 00:00 – Updated: 2024-08-07 18:48
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/19149 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/21212 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/27520 | vdb-entryx_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2006/2983 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/441087/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/27521 | vdb-entryx_refsource_OSVDB |
| http://securityreason.com/securityalert/1287 | third-party-advisoryx_refsource_SREASON |
| http://securitytracker.com/id?1016584 | vdb-entryx_refsource_SECTRACK |
| http://www.osvdb.org/27519 | vdb-entryx_refsource_OSVDB |
Date Public
2006-07-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19149",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19149"
},
{
"name": "21212",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21212"
},
{
"name": "27520",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27520"
},
{
"name": "ADV-2006-2983",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "linkscaffe-multiple-xss(27960)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27960"
},
{
"name": "20060725 LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441087/100/0/threaded"
},
{
"name": "27521",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27521"
},
{
"name": "1287",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1287"
},
{
"name": "1016584",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016584"
},
{
"name": "27519",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27519"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19149",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19149"
},
{
"name": "21212",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21212"
},
{
"name": "27520",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27520"
},
{
"name": "ADV-2006-2983",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "linkscaffe-multiple-xss(27960)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27960"
},
{
"name": "20060725 LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441087/100/0/threaded"
},
{
"name": "27521",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27521"
},
{
"name": "1287",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1287"
},
{
"name": "1016584",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016584"
},
{
"name": "27519",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27519"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3883",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19149",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19149"
},
{
"name": "21212",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21212"
},
{
"name": "27520",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27520"
},
{
"name": "ADV-2006-2983",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2983"
},
{
"name": "linkscaffe-multiple-xss(27960)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27960"
},
{
"name": "20060725 LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441087/100/0/threaded"
},
{
"name": "27521",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27521"
},
{
"name": "1287",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1287"
},
{
"name": "1016584",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016584"
},
{
"name": "27519",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27519"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3883",
"datePublished": "2006-07-27T00:00:00.000Z",
"dateReserved": "2006-07-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}