EUVD-2009-2006

Malware in sbrugna...

EUVD-2008-2894

Malware in sbrugna...

EUVD-2007-1903

Malware in sbrugna...

EUVD-2010-3417

Malware in sbrugna...

Family Connections CMS 2.3.2 (POST) Stored XSS And XML Injection

No description provided by source. !-- Family Connections CMS 2.3.2 POST Stored XSS And XML Injection Vendor: Ryan Haudenschilt Product web page: http://www.familycms.com Affected version: 2.3.2 Summary: Family Connections is an open source content management system. It makes creating a private,...

Haudenschilt Family Connections <= 0.8 Index.PHP Authentication Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25276/info Haudenschilt Family Connections is prone to an authentication-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access. This may facilitate a compromise of the application and underlyi...

Family Connections 'argv[1]' Parameter Remote Arbitrary Command Execution Vulnerability

Family Connections is prone to a remote arbitrary command- execution vulnerability because it fails to properly validate user-supplied input. An attacker can exploit this issue to execute arbitrary commands within the context of the vulnerable application. OpenVAS Vulnerability Test $Id:...

Family Connections CMS 2.3.2 - Persistent Cross-Site Scripting XML Injection

Family Connections CMS 2.3.2 - Persistent Cross-Site Scripting XML Injection Family Connections CMS 2.3.2 Stored XSS And XPath Injection function xpathdocument.forms"xml".submit; function xssdocument.forms"xss".submit; a href="javascri...

Family Connections 2.3.2 - subject HTML Injection

Family Connections 2.3.2 - subject HTML Injection source: https://www.securityfocus.com/bid/47037/info Family Connections is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

Family Connections CMS 2.3.2 XSS / XML Injection

Family Connections CMS 2.3.2 Stored XSS And XPath Injection function xpathdocument.forms"xpath".submit; function xssdocument.forms"xss".submit; font color="r...

Family Connections CMS 2.3.2 (POST) Stored XSS And XML Injection

Summary Family Connections is an open source content management system. It makes creating a private, family website easy and fun. Description FCMS suffers from a stored XSS vulnerability post-auth in messageboard.php script thru the 'subject' post parameter. XML Inj. lies in the /inc/getChat.php...

Family Connections 2.3.2 - &#039;subject&#039; HTML Injection

source: https://www.securityfocus.com/bid/47037/info Family Connections is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...

Haudenschilt Family Connections CMS (FCMS) Multiple PHP remote file inclusion vulnerabilities

This host is running Haudenschilt Family Connections CMS FCMS and is prone to multiple remote file inclusion vulnerabilities. OpenVAS Vulnerability Test $Id: secpodfcmsmultrfivuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Haudenschilt Family Connections CMS FCMS Multiple PHP remote file inclusion...

Haudenschilt Family Connections CMS (FCMS) Multiple PHP remote file inclusion vulnerabilities

Haudenschilt Family Connections CMS FCMS is prone to multiple remote file inclusion vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2010-3419

Haudenschilt Family Connections CMS (FCMS) 2.2.3 is vulnerable to multiple PHP remote file inclusion (RFI) flaws. The issue allows an attacker to execute arbitrary PHP code by supplying a URL in the current_user_id parameter to two scripts (familynews.php and settings.php). This stems from insecu...

CVE-2009-2010

Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS FCMS 1.9 and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 thread parameter to messageboard.php, 2 member parameter to profile.php, 3 pid parameter to gallery/index.php, and the 4...

CVE-2009-2010

Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS FCMS 1.9 and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 thread parameter to messageboard.php, 2 member parameter to profile.php, 3 pid parameter to gallery/index.php, and the 4...

CVE-2009-2010

The CVE-2009-2010 entry concerns Haudenschilt Family Connections FCMS (version 1.9 and earlier). The vulnerability is a set of SQL injection flaws: remote authenticated users can trigger injections via (1) thread parameter in messageboard.php, (2) member parameter in profile.php, (3) pid paramete...

CVE-2008-2901

Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS FCMS 1.4 allow remote authenticated users to execute arbitrary SQL commands via the 1 address parameter to addressbook.php, the 2 getnews parameter to familynews.php, and the 3 pollid parameter to home.php in a results...

CVE-2008-2901

CVE-2008-2901 affects Haudenschilt Family Connections CMS (FCMS) 1.4. Multiple SQL injection vulnerabilities exist that allow remote authenticated users to execute arbitrary SQL commands via (1) address parameter to addressbook.php, (2) getnews parameter to familynews.php, and (3) poll_id paramet...