CVE-2005-4231

The CVE-2005-4231 entry relates to a cross-site scripting (XSS) flaw in Link Up Gold 2.5 and earlier. The vulnerability arises from injectable input in multiple vectors: (1) the link parameter to tell_friend.php, (2) the phrase[] parameter to search.php in a search_links_advanced action, and (3)/...

CVE-2005-4230

CVE-2005-4230 concerns an SQL injection in poll.php of Link Up Gold 2.5 and earlier, exploitable via the number parameter to allow remote execution of arbitrary SQL commands. The core affected software is Link Up Gold (versions up to 2.5 and older). The cited sources (NVD entry) confirm the vulne...