27 matches found
CVE-2007-3652
SQL injection vulnerability in class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might be the same issue as CVE-2008-0328...
FaScript FaName 1.0 - (page.php) Remote SQL Injection Vulnerability
No description provided by source. FaScript FaName v1 Remote Sql Injection BY IRCRASH AUTHOR : IRCRASH Dr.Crash Script Download : http://www.hotscripts.com/Detailed/66472.html Injection Adress : http://Sitename/faname/page.php?id=SqL Code Help : In This Script Admin Username and Password Save in...
FaName 1.0 index.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30019/info FaName is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser ...
FaName 1.0 page.php name Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30019/info FaName is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser ...
CVE-2007-3653
Multiple cross-site scripting XSS vulnerabilities in Farsi Script aka FaScript FaName 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 key or 2 desc parameter to index.php, or 3 the name parameter to page.php...
CVE-2007-3651
class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to obtain sensitive information via a '; quote semicolon sequence in the id parameter, which reveals the installation path in an error message...
Design/Logic Flaw
class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to obtain sensitive information via a '; quote semicolon sequence in the id parameter, which reveals the installation path in an error message...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Farsi Script aka FaScript FaName 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 key or 2 desc parameter to index.php, or 3 the name parameter to page.php...
Sql injection
SQL injection vulnerability in class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might be the same issue as CVE-2008-0328...
CVE-2007-3653
CVE-2007-3653 concerns multiple XSS vulnerabilities in FaName 1.0 (FaScript/Farsi Script). The affected component is FaName 1.0’s web front end (index.php and page.php) where user-controlled inputs in the key, desc, and name parameters can be injected with arbitrary HTML/JS. The root cause is ins...
CVE-2007-3651
class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to obtain sensitive information via a '; quote semicolon sequence in the id parameter, which reveals the installation path in an error message...
CVE-2007-3652
FaName 1.0 (FaScript) is affected by a SQL injection vulnerability in the page handling modules (class/page.php / page.php) that allows remote attackers to alter the database via the id parameter. This is documented across multiple sources (NVD, Red Hat CVE, PRION, CVE lists) as CVE-2007-3652, wi...
CVE-2007-3653
Multiple cross-site scripting XSS vulnerabilities in Farsi Script aka FaScript FaName 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 key or 2 desc parameter to index.php, or 3 the name parameter to page.php...
CVE-2007-3652
SQL injection vulnerability in class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might be the same issue as CVE-2008-0328...
FaName 1.0 - page.php?name Cross-Site Scripting
FaName 1.0 - page.php?name Cross-Site Scripting source: https://www.securityfocus.com/bid/30019/info FaName is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code i...
FaName 1.0 - 'page.php?name' Cross-Site Scripting
source: https://www.securityfocus.com/bid/30019/info FaName is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
FaName 1.0 - index.php Multiple Cross-Site Scripting Vulnerabilities
FaName 1.0 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/30019/info FaName is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
FaName 1.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/30019/info FaName is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
Sql injection
SQL injection vulnerability in page.php in FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-0328
SQL injection vulnerability in page.php in FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...