NoName Script Multiple Remote Vulnerabilities
NoName Script is prone to multiple vulnerabilities including a directory-traversal issue, an SQL-injection issue, and two cross-site request-forgery issues.
Attackers can exploit these issues to:
- view arbitrary local files within the context of the webserver
- edit other users' profile information
- log out an admin user
- compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
These issues affect NoName Script 1.1 BETA and prior versions.