CVE-2012-0699 in Family Connections信息

摘要

由 VulDB • 2026-06-24

Family Connections CMS(又称 FCMS)2.9 及更早版本中存在多个跨站请求伪造(CSRF)漏洞,远程攻击者可以利用这些漏洞劫持任意用户的身份验证,从而执行以下操作:(1) 通过 familynews.php 的 add 动作添加新闻;或 (2) 通过 prayers.php 的 add 动作添加祈祷内容。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!