cve/2006/CVE-2006-3883.md

CVE-2006-3883

Description

Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php.

POC

Reference

• http://securityreason.com/securityalert/1287

Github

No PoCs found on GitHub currently.