Description
Multiple PHP remote file inclusion vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the current_user_id parameter to (1) familynews.php and (2) settings.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin WebLibrarian Multiple Unspecified Vulnerabilities (2.6.3.1)
WordPress Plugin Drag and Drop Multiple File Upload-Contact Form 7 Security Bypass (1.3.6.4)
Joomla Improper Input Validation Vulnerability (CVE-2006-4466)
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2022-2053)
ReviveAdserver Improper Access Control Vulnerability (CVE-2015-7369)