Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add news via an add action to familynews.php or (2) add a prayer via an add action to prayers.php.
Published at: January 11, 2018 at 03:29PM
View on website
More Stories
‘My 401k Misses You’: Black Woman Pumped To Meet Donald Trump In Philadelphia – July 18, 2023 at 04:56PM
Energy Provider Warns of Impending ‘Crisis,’ ‘Blackout Conditions’ Driven By Biden Plans – July 18, 2023 at 04:20PM
Dog starts barking at cows crossing a bridge, so the cows stop to have a look. – July 17, 2023 at 02:27PM