Code injection

2012-08-3022:55:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

Low

0.77 High

EPSS

Percentile

98.2%

JSON

dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the argv[1] parameter.

CPENameOperatorVersion
family_connections_cmseq2.5.1
family_connections_cmseq2.5.0
family_connections_cmseq2.5.2
family_connections_cmseq2.7.0
family_connections_cmseq2.5.3
family_connections_cmseq2.7.1
family_connections_cmseq2.6.0
family_connections_cmseq2.5.4

Name	Operator	Version
family_connections_cms	eq	2.5.1
family_connections_cms	eq	2.5.0
family_connections_cms	eq	2.5.2
family_connections_cms	eq	2.7.0
family_connections_cms	eq	2.5.3
family_connections_cms	eq	2.7.1
family_connections_cms	eq	2.6.0
family_connections_cms	eq	2.5.4