CyberSec.Space Logo
Back to CVE Browser

CVE-2008-2901

MEDIUM
6.5
CVSS Severity Score
EPSS Score0.1940%
EPSS Percentile0.40th
PublishedJun 30, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execute arbitrary SQL commands via the (1) address parameter to addressbook.php, the (2) getnews parameter to familynews.php, and the (3) poll_id parameter to home.php in a results action.

Affected Platforms (CPE)

πŸ“¦
Haudenschilt

Family Connections Cms

= 1.4

References & Advisories

πŸ”— http://secunia.com/advisories/30680
πŸ”— http://www.securityfocus.com/bid/29722
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/43097
πŸ”— https://www.exploit-db.com/exploits/5811
πŸ”— http://secunia.com/advisories/30680
πŸ”— http://www.securityfocus.com/bid/29722
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/43097
πŸ”— https://www.exploit-db.com/exploits/5811

Related Vulnerabilities

CVE-2012-06998.8

Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attac...

CVE-2010-34197.5

Multiple PHP remote file inclusion vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 2.2.3 allow remote attackers to e...

CVE-2011-51306.8

dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers to execute ...

CVE-2009-20106.5

Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.9 and earlier allow remote authenticated us...