Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2901

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2008-2901
Last Modified 08 Apr 2009 01:27:12
Published 30 Jun 2008 02:24:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-2901

Summary

Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execute arbitrary SQL commands via the (1) address parameter to addressbook.php, the (2) getnews parameter to familynews.php, and the (3) poll_id parameter to home.php in a results action.

Vulnerable Systems

Application

  • Haudenschilt Family Connections Cms 1.4


References

XF - familyconnections-multiple-sql-injection(43097)

BID - 29722

MILW0RM - 5811

SECUNIA - 30680


Last Updated: 27 May 2016 10:48:01