CVE-2006-3884

Published: 27/07/2006 Updated: 17/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote malicious users to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE: this issue can also be used for path disclosure by a forced SQL error, or to modify PHP files using OUTFILE.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gonafish linkscaffe 3.0

source: wwwsecurityfocuscom/bid/19149/info LinksCaffe is prone to multiple input-validation vulnerabilities The issues include cross-site scripting and SQL-injection vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input Successful exploitation of these vulnerabilities could allo ...

NVD-CWE-Other http://www.securityfocus.com/bid/19149 http://securitytracker.com/id?1016584 http://secunia.com/advisories/21212 http://www.osvdb.org/27518 http://securityreason.com/securityalert/1287 http://www.vupen.com/english/advisories/2006/2983 https://exchange.xforce.ibmcloud.com/vulnerabilities/27962 https://exchange.xforce.ibmcloud.com/vulnerabilities/27961 http://www.securityfocus.com/archive/1/441087/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/28267/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-3884

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect