CVE-2007-4338

NONECVSS 0.0

0.0

index.php in Ryan Haudenschilt Family Connections (FCMS) before 0.9 allows remote attackers to access an arbitrary account by placing the account's name in the value of an fcms_login_id cookie. NOTE: this can be leveraged for code execution via a POST with PHP code in the content parameter.

🔗 References (20)

cve@mitrehttp://osvdb.org/39534
cve@mitrehttp://secunia.com/advisories/26421
cve@mitrehttp://securityreason.com/securityalert/3009
cve@mitrehttp://sourceforge.net/tracker/index.php?func=detail&aid=1778696&group_id=189733&atid=930513
cve@mitrehttp://www.attrition.org/pipermail/vim/2007-August/001762.html
cve@mitrehttp://www.attrition.org/pipermail/vim/2007-August/001768.html
cve@mitrehttp://www.securityfocus.com/archive/1/476142/100/0/threaded
cve@mitrehttp://www.securityfocus.com/archive/1/476293/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/25276
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/35966
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/39534
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26421
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3009
af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/tracker/index.php?func=detail&aid=1778696&group_id=189733&atid=930513
af854a3a-2127-422b-91ae-364da2661108http://www.attrition.org/pipermail/vim/2007-August/001762.html

Is Your Infrastructure Affected by CVE-2007-4338?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-4338

📅 Published

🔄 Last Modified

🔗 References (20)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-4338?