漏洞关键信息 漏洞名称 FaScript FaUpload (download.php) SQL Injection Vulnerability 发布日期 2009-01-02 风险等级 High 本地影响 No 远程影响 Yes CVSS Base Score 7.5/10 Impact Subscore: 6.4/10 Exploitability Subscore: 10/10 Attack complexity: Low Authentication: No required Confidentiality impact: Partial Integrity impact: Partial Availability impact: Partial 报告人 ZAC003 From Aria-Security.Net 漏洞脚本 漏洞利用示例 参考链接 http://xforce.iss.net/xforce/xfdb/47394