CVE-2012-0699 in CMSinfo

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add news via an add action to familynews.php or (2) add a prayer via an add action to prayers.php.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

01/14/2012

Disclosure

01/11/2018

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-352

Exploit

Download

CVSS

6.5

EPSS

0.00394

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-0699
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-0699
CVE Details	https://www.cvedetails.com/cve/CVE-2012-0699/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!