Unrated severityNVD Advisory· Published Jun 30, 2008· Updated Apr 23, 2026

CVE-2008-2901

Description

Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execute arbitrary SQL commands via the (1) address parameter to addressbook.php, the (2) getnews parameter to familynews.php, and the (3) poll_id parameter to home.php in a results action.

Affected products

Haudenschilt/Family Connections CMS
cpe:2.3:a:haudenschilt:family_connections_cms:1.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/29722nvdExploit
secunia.com/advisories/30680nvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/43097nvd
www.exploit-db.com/exploits/5811nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000