Description
dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the argv[1] parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Easy Testimonials Cross-Site Request Forgery (3.6.1)
WordPress Plugin Collision Testimonials 'admin.php' SQL Injection (3.0)
SharePoint CVE-2021-31964 Vulnerability (CVE-2021-31964)
MySQL CVE-2012-0101 Vulnerability (CVE-2012-0101)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3180)