CyberSec.Space Logo
CVEブラウザに戻る

CVE-2012-0699

HIGH
8.8
CVSS Severity Score
EPSS Score0.0920%
EPSS Percentile31.53th
Published2018年1月11日
Last Modified2024年11月21日

Vulnerability Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add news via an add action to familynews.php or (2) add a prayer via an add action to prayers.php.

Affected Platforms (CPE)

📦
Haudenschilt

Family Connections Cms

<= 2.9.0

References & Advisories

🔗 http://www.exploit-db.com/exploits/18667
🔗 http://www.exploit-db.com/exploits/18667

関連する脆弱性情報

CVE-2010-34197.5

Multiple PHP remote file inclusion vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 2.2.3 allow remote attackers to e...

CVE-2011-51306.8

dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers to execute ...

CVE-2008-29016.5

Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execu...

CVE-2009-20106.5

Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.9 and earlier allow remote authenticated us...