Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Family Connections Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2010-3419 - Vulnerability Database
Family Connections

Family Connections Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2010-3419

High
Reference: CVE-2010-3419
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2010-3419
Title: Family Connections Improper Control of Generation of Code (Code Injection) Vulnerability
Overview:

Multiple PHP remote file inclusion vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the current_user_id parameter to (1) familynews.php and (2) settings.php.