Description
Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execute arbitrary SQL commands via the (1) address parameter to addressbook.php, the (2) getnews parameter to familynews.php, and the (3) poll_id parameter to home.php in a results action.
Remediation
References
Related Vulnerabilities
Craft CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-3814)
WordPress CVE-2023-39999 Vulnerability (CVE-2023-39999)
WordPress Plugin Sidebar Adder 2 Cross-Site Scripting (2.0.0)
WordPress Plugin Stop User Enumeration Security Bypass (1.3.18)
Sqlite Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2019-19646)