41 matches found
EUVD-2026-19808
ChurchCRM is an open-source church management system. Prior to 7.1.0, the GroupPropsFormRowOps.php file contains a SQL injection vulnerability. User input in the Field parameter is directly inserted into SQL queries without proper sanitization. The mysqli_real_escape_string function does not escape...
CVE-2025-1201
A vulnerability was found in SourceCodester Best Church Management Software 1.1. It has been rated as critical. This issue affects some unknown processing of the file /admin/app/profilecrud.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-1599
A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/app/profilecrud.php. The manipulation of the argument oldcatimg leads to path traversal: '../filedir'. The...
EUVD-2025-2074
Malicious code in bioql PyPI...
EUVD-2025-2072
Malicious code in bioql PyPI...
CVE-2025-2606
A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/app/soulwinning_crud.php. The manipulation of the argument photo/photo1 leads to unrestricted upload. The...
CVE-2025-2606
CVE-2025-2606 affects SourceCodester Best Church Management Software 1.0. The vulnerability arises from improper handling of the photo/photo1 parameter in /admin/app/soulwinning_crud.php, enabling unrestricted file upload. It is possible to trigger remotely, and the exploit has been disclosed pub...
CVE-2025-2606 SourceCodester Best Church Management Software soulwinning_crud.php unrestricted upload
A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/app/soulwinning_crud.php. The manipulation of the argument photo/photo1 leads to unrestricted upload. The...
SourceCodester Best Church Management Software code issue vulnerability
SourceCodester Best Church Management Software is an open source church management software from SourceCodester. A code issue vulnerability exists in version 1.0 of SourceCodester Best Church Management Software, which stems from improper manipulation of the photo/photo1 parameter in the...
CVE-2025-1961
A vulnerability has been found in SourceCodester Best Church Management Software 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/app/web_crud.php. The manipulation of the argument encryption leads to sql injection. The attack can be...
CVE-2025-1961 SourceCodester Best Church Management Software web_crud.php sql injection
A vulnerability has been found in SourceCodester Best Church Management Software 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/app/web_crud.php. The manipulation of the argument encryption leads to sql injection. The attack can be...
SourceCodester Best Church Management Software injection vulnerability
SourceCodester Best Church Management Software is an open source church management software from SourceCodester. An injection vulnerability exists in SourceCodester Best Church Management Software version 1.1, which stems from an incorrect operation of the parameter encryption that can lead to SQ...
CVE-2025-1597
A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/redirect.php. The manipulation of the argument a leads to cross site scripting. It is possible to launch the attack remotely...
CVE-2025-1599
A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/app/profilecrud.php. The manipulation of the argument oldcatimg leads to path traversal: '../filedir'. The...
SourceCodester Best Church Management Software security vulnerability
SourceCodester Best Church Management Software is an open source church management software from SourceCodester. A security vulnerability exists in SourceCodester Best Church Management Software version 1.0, which stems from a path traversal due to incorrect operation of the parameter oldcatimg...
SourceCodester Best Church Management Software code issue vulnerability
SourceCodester Best Church Management Software is an open source church management software from SourceCodester. A code issue vulnerability exists in version 1.0 of SourceCodester Best Church Management Software, which stems from an incorrect manipulation of the parameter photo1 resulting in...
CVE-2025-1598 SourceCodester Best Church Management Software asset_crud.php unrestricted upload
A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/app/asset_crud.php. The manipulation of the argument photo1 leads to unrestricted upload. The attack can ...
CVE-2025-1598
CVE-2025-1598 affects SourceCodester Best Church Management Software 1.0. A vulnerability exists in the /admin/app/asset_crud.php endpoint where manipulation of the photo1 parameter allows unrestricted file upload, enabling remote exploitation. Multiple sources confirm an arbitrary/unrestricted u...