4 matches found
CVE-2007-3652
FaName 1.0 (FaScript) is affected by a SQL injection vulnerability in the page handling modules (class/page.php / page.php) that allows remote attackers to alter the database via the id parameter. This is documented across multiple sources (NVD, Red Hat CVE, PRION, CVE lists) as CVE-2007-3652, wi...
CVE-2008-0328
CVE-2008-0328 describes an SQL injection in page.php of FaScript FaName 1.0, where the attacker can manipulate the id parameter to execute arbitrary SQL commands. The vulnerability is caused by unsafely incorporating user input into SQL queries, enabling unauthenticated remote access with potenti...
CVE-2007-3653
CVE-2007-3653 concerns multiple XSS vulnerabilities in FaName 1.0 (FaScript/Farsi Script). The affected component is FaName 1.0’s web front end (index.php and page.php) where user-controlled inputs in the key, desc, and name parameters can be injected with arbitrary HTML/JS. The root cause is ins...
CVE-2007-3651
Technical details about CVE-2007-3651 are not publicly available in the provided documents; no product/version specifics are disclosed. Monitor for updates.