CVE-2009-2010 in Family Connections CMSinfo

Summary

Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.9 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) thread parameter to messageboard.php, (2) member parameter to profile.php, (3) pid parameter to gallery/index.php, and the (4) fcms_login_id cookie parameter.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

06/08/2009

Disclosure

06/08/2009

Moderation

VulDB entry created

Entries

VDB-48478 (1)

CPE

ready

CWE

CWE-89 (Confirmed)

Exploit

Download

CVSS

6.3

EPSS

0.00302

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2009-2010
NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-2010
CVE Details	https://www.cvedetails.com/cve/CVE-2009-2010/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!