Multiple SQL injection vulnerabilities in Family Connections (aka FCMS) before 1.8.2 allow remote attackers to execute arbitrary SQL commands via the (1) letter parameter to addressbook.php, (2) id parameter to recipes.php, (3) year parameter to register.php, (4) poll_id parameter to home.php, and (5) email parameter to lostpw.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2010-04-22T14:00:00
Updated: 2024-08-07T07:17:25.507Z
Reserved: 2010-04-22T00:00:00
Link: CVE-2009-4791
Vulnrichment
No data.
NVD
Status : Modified
Published: 2010-04-22T14:30:00.463
Modified: 2024-11-21T01:10:27.800
Link: CVE-2009-4791
Redhat
No data.