22 matches found
EUVD-2007-3636
Malware in sbrugna...
EUVD-2007-3637
Malware in sbrugna...
EUVD-2007-3635
Malware in sbrugna...
EUVD-2008-5736
Malware in sbrugna...
CVE-2007-3652
SQL injection vulnerability in class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might be the same issue as CVE-2008-0328...
CVE-2007-3651
class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to obtain sensitive information via a '; quote semicolon sequence in the id parameter, which reveals the installation path in an error message...
CVE-2008-5766
SQL injection vulnerability in download.php in Farsi Script Faupload allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-5766
SQL injection vulnerability in download.php in Farsi Script Faupload allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2007-3653
Multiple cross-site scripting XSS vulnerabilities in Farsi Script aka FaScript FaName 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 key or 2 desc parameter to index.php, or 3 the name parameter to page.php...
CVE-2007-3652
SQL injection vulnerability in class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might be the same issue as CVE-2008-0328...
CVE-2007-3651
class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to obtain sensitive information via a '; quote semicolon sequence in the id parameter, which reveals the installation path in an error message...
Design/Logic Flaw
class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to obtain sensitive information via a '; quote semicolon sequence in the id parameter, which reveals the installation path in an error message...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Farsi Script aka FaScript FaName 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 key or 2 desc parameter to index.php, or 3 the name parameter to page.php...
Sql injection
SQL injection vulnerability in class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might be the same issue as CVE-2008-0328...
CVE-2007-3653
CVE-2007-3653 concerns multiple XSS vulnerabilities in FaName 1.0 (FaScript/Farsi Script). The affected component is FaName 1.0’s web front end (index.php and page.php) where user-controlled inputs in the key, desc, and name parameters can be injected with arbitrary HTML/JS. The root cause is ins...
CVE-2007-3651
class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to obtain sensitive information via a '; quote semicolon sequence in the id parameter, which reveals the installation path in an error message...
CVE-2007-3651
class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to obtain sensitive information via a '; quote semicolon sequence in the id parameter, which reveals the installation path in an error message...
CVE-2007-3653
Multiple cross-site scripting XSS vulnerabilities in Farsi Script aka FaScript FaName 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 key or 2 desc parameter to index.php, or 3 the name parameter to page.php...
CVE-2007-3652
FaName 1.0 (FaScript) is affected by a SQL injection vulnerability in the page handling modules (class/page.php / page.php) that allows remote attackers to alter the database via the id parameter. This is documented across multiple sources (NVD, Red Hat CVE, PRION, CVE lists) as CVE-2007-3652, wi...
CVE-2007-3652
SQL injection vulnerability in class/page.php in Farsi Script aka FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might be the same issue as CVE-2008-0328...