CVE-2007-4338

Published: 14/08/2007 Updated: 15/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

index.php in Ryan Haudenschilt Family Connections (FCMS) prior to 0.9 allows remote malicious users to access an arbitrary account by placing the account's name in the value of an fcms_login_id cookie. NOTE: this can be leveraged for code execution via a POST with PHP code in the content parameter.

Vulnerable Product

haudenschilt family connections cms 0.1.1

haudenschilt family connections cms 0.1.2

haudenschilt family connections cms 0.5

haudenschilt family connections cms 0.6

haudenschilt family connections cms

Exploits

source: www.securityfocus.com/bid/25276/info

Haudenschilt Family Connections is prone to an authentication-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access. This may facilitate a compromise of the application and underlying webserver; other attacks are also possible. Family Connections versions prior to 0 ...