VYPR

FCMS

by Haudenschilt

CVEs (1)

  • CVE-2007-4338Aug 14, 2007
    risk 0.04cvss epss 0.09

    index.php in Ryan Haudenschilt Family Connections (FCMS) before 0.9 allows remote attackers to access an arbitrary account by placing the account's name in the value of an fcms_login_id cookie. NOTE: this can be leveraged for code execution via a POST with PHP code in the…