Description

Multiple PHP remote file inclusion vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the current_user_id parameter to (1) familynews.php and (2) settings.php.

Remediation

References

CVE-2010-3419

Related Vulnerabilities

WordPress Plugin Portfolio Responsive Gallery SQL Injection (1.1.7)

OpenSSL Other Vulnerability (CVE-2004-0112)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-16864)

WordPress Plugin Neuvoo Jobs Cross-Site Scripting (2.0)

WordPress Plugin Appointment Booking Calendar Multiple Vulnerabilities (1.1.24)

Severity

High

Classification

CVE-2010-3419 CWE-94

Tags

Missing Update Known Vulnerabilities