Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-1903

Malware in sbrugna...

7.5CVSS6.4AI score0.01061EPSS
Exploits0References6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

Family Connections CMS 2.3.2 (POST) Stored XSS And XML Injection

No description provided by source. !-- Family Connections CMS 2.3.2 POST Stored XSS And XML Injection Vendor: Ryan Haudenschilt Product web page: http://www.familycms.com Affected version: 2.3.2 Summary: Family Connections is an open source content management system. It makes creating a private,...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2011/03/26 12:0 a.m.12 views

Family Connections CMS 2.3.2 - Persistent Cross-Site Scripting XML Injection

Family Connections CMS 2.3.2 - Persistent Cross-Site Scripting XML Injection Family Connections CMS 2.3.2 Stored XSS And XPath Injection function xpathdocument.forms"xml".submit; function xssdocument.forms"xss".submit; a href="javascri...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2011/03/25 12:0 a.m.12 views

Family Connections 2.3.2 - subject HTML Injection

Family Connections 2.3.2 - subject HTML Injection source: https://www.securityfocus.com/bid/47037/info Family Connections is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

Exploits0
Zero Science Lab
Zero Science Lab
added 2011/03/25 12:0 a.m.40 views

Family Connections CMS 2.3.2 (POST) Stored XSS And XML Injection

Summary Family Connections is an open source content management system. It makes creating a private, family website easy and fun. Description FCMS suffers from a stored XSS vulnerability post-auth in messageboard.php script thru the 'subject' post parameter. XML Inj. lies in the /inc/getChat.php...

5.8AI score
Exploits0
Packet Storm
Packet Storm
added 2011/03/25 12:0 a.m.18 views

Family Connections CMS 2.3.2 XSS / XML Injection

Family Connections CMS 2.3.2 Stored XSS And XPath Injection function xpathdocument.forms"xpath".submit; function xssdocument.forms"xss".submit; font color="r...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2011/03/25 12:0 a.m.27 views

Family Connections 2.3.2 - 'subject' HTML Injection

source: https://www.securityfocus.com/bid/47037/info Family Connections is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...

7AI score
Exploits0
Prion
Prion
added 2007/08/14 6:17 p.m.22 views

Design/Logic Flaw

index.php in Ryan Haudenschilt Family Connections FCMS before 0.9 allows remote attackers to access an arbitrary account by placing the account's name in the value of an fcmsloginid cookie. NOTE: this can be leveraged for code execution via a POST with PHP code in the content parameter...

10CVSS8AI score0.08925EPSS
Exploits1References10Affected Software1
Prion
Prion
added 2007/04/10 11:19 p.m.12 views

Sql injection

SQL injection vulnerability in login.php in Ryan Haudenschilt Battle.net Clan Script for PHP 1.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 user or 2 pass parameter...

7.5CVSS9.1AI score0.01061EPSS
Exploits0References5
CVE
CVE
added 2007/04/10 11:0 p.m.42 views

CVE-2007-1909

The CVE-2007-1909 entry refers to a SQL injection vulnerability in the Battle.net Clan Script for PHP (version 1.5.1 and earlier). The flaw is in login.php and allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) pass parameter. This can impact confidentiality, integr...

7.5CVSS8.5AI score0.01061EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2007/04/10 11:0 p.m.23 views

CVE-2007-1909

SQL injection vulnerability in login.php in Ryan Haudenschilt Battle.net Clan Script for PHP 1.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 user or 2 pass parameter...

8.5AI score0.01061EPSS
Exploits0References5
Rows per page
Query Builder