CVE-2006-3883

Name of the Vulnerable Software and Affected Versions Gonafish LinksCaffe version 3.0

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via several parameters in different files, including the tablewidth parameter in "counter.php", the newdays parameter in "links.php", and the tableborder, menucolor, textcolor, and bodycolor parameters in "menu.inc.php".

Recommendations For Gonafish LinksCaffe version 3.0, consider disabling the vulnerable parameters tablewidth, newdays, tableborder, menucolor, textcolor, and bodycolor in the respective files until a patch is available. Restrict access to the affected files "counter.php", "links.php", and "menu.inc.php" to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.