CyberSec.Space Logo
CVEブラウザに戻る

CVE-2009-2010

MEDIUM
6.5
CVSS Severity Score
EPSS Score0.1900%
EPSS Percentile2.95th
Published2009年6月8日
Last Modified2026年4月23日

Vulnerability Description

Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.9 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) thread parameter to messageboard.php, (2) member parameter to profile.php, (3) pid parameter to gallery/index.php, and the (4) fcms_login_id cookie parameter.

Affected Platforms (CPE)

📦
Haudenschilt

Family Connections Cms

<= 1.9
📦
Haudenschilt

Family Connections Cms

= 0.1.1
📦
Haudenschilt

Family Connections Cms

= 0.1.2
📦
Haudenschilt

Family Connections Cms

= 0.5
📦
Haudenschilt

Family Connections Cms

= 0.6
📦
Haudenschilt

Family Connections Cms

= 0.8
📦
Haudenschilt

Family Connections Cms

= 0.9
📦
Haudenschilt

Family Connections Cms

= 1.4
📦
Haudenschilt

Family Connections Cms

= 1.8.1
📦
Haudenschilt

Family Connections Cms

= 1.8.2

References & Advisories

🔗 http://secunia.com/advisories/35039
🔗 http://www.securityfocus.com/archive/1/503477/100/0/threaded
🔗 http://www.securityfocus.com/bid/34935
🔗 http://www.vupen.com/english/advisories/2009/1306
🔗 https://www.exploit-db.com/exploits/8671
🔗 http://secunia.com/advisories/35039
🔗 http://www.securityfocus.com/archive/1/503477/100/0/threaded
🔗 http://www.securityfocus.com/bid/34935

関連する脆弱性情報

CVE-2012-06998.8

Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attac...

CVE-2010-34197.5

Multiple PHP remote file inclusion vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 2.2.3 allow remote attackers to e...

CVE-2011-51306.8

dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers to execute ...

CVE-2008-29016.5

Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execu...