31 matches found
EUVD-2006-3878
Malware in sbrugna...
EUVD-2006-3877
Malware in sbrugna...
EUVD-2006-4450
Malware in sbrugna...
EUVD-2006-3926
Malware in sbrugna...
Gonafish LinksCaffe Authentication Bypass Vulnerability
An authentication bypass vulnerability exists in Gonafish LinksCaffe due to a lack of required authentication for the application's admin script. Allowing an attacker to simply use the admin function by knowing the name and location of the script...
LinksCaffe 3.0 counter.php tablewidth Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/19149/info LinksCaffe is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly...
LinksCaffe 3.0 links.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/19149/info LinksCaffe is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly...
LinksCaffe 2.0/3.0 Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19763/info LinksCaffe is prone to an authentication-bypass vulnerability because of a lack of required authentication on the application's administrative script. An attacker can use administrative functions simply by...
LinksCaffe 3.0 links.php newdays Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/19149/info LinksCaffe is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly...
LinksCaffe 3.0 menu.inc.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/19149/info LinksCaffe is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly...
CVE-2006-4462
Gonafish.com LinksCaffe 2.0 and 3.0 do not properly restrict access to administrator functions, which allows remote attackers to gain full administration rights via a direct request to Admin/admin1953.php...
CVE-2006-4462
Gonafish.com LinksCaffe 2.0 and 3.0 do not properly restrict access to administrator functions, which allows remote attackers to gain full administration rights via a direct request to Admin/admin1953.php...
CVE-2006-4462
Gonafish.com LinksCaffe 2.0 and 3.0 expose an access control flaw that lets remote attackers obtain full administrator rights via a direct request to Admin/admin1953.php. The affected components are the LinksCaffe admin functions, and the root cause is improper restriction of administrator-area a...
linkscaffe30.txt
Gonafish.com LinksCaffe 3.0 is free link indexing directory, we found that the file admin1953.php can be accessed directly to get full administration rights without password and username. Proof of exploit: http://www.example.com/pathtolinksCaffe/Admin/admin1953.php Or the images of mirror...
LinksCaffe no checker at admin
Gonafish.com LinksCaffe 3.0 is free link indexing directory, we found that the file admin1953.php can be accessed directly to get full administration rights without password and username. Proof of exploit: http://www.example.com/pathtolinksCaffe/Admin/admin1953.php Or the images of mirror...
CVE-2006-3932
SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...
CVE-2006-3932
Gonafish LinksCaffe 3.0 is affected by a SQL injection in links.php, exploitable via the cat parameter, allowing remote attackers to execute arbitrary SQL commands. The vulnerability is documented in CVE-2006-3932 with notes that provenance is from third-party information. According to the availa...
CVE-2006-3932
SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...
CVE-2006-3884
Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the 1 offset and 2 limit parameters, 3 newdays parameter in a new action, and the 4 linkid parameter in a deadlink action. NOTE: this issue can also be used...
CVE-2006-3883
Multiple cross-site scripting XSS vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via 1 the tablewidth parameter in a counter.php; 2 the newdays parameter in b links.php; and the 3 tableborder, 4 menucolor, 5 textcolor, and 6 bodycolor...