CVE-2007-3651 Information

Description

class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to obtain sensitive information via a ‘; (quote semicolon) sequence in the id parameter which reveals the installation path in an error message.

Reference

http://descriptions.securescout.com/tc/17971 http://www.netvigilance.com/advisory0041