10 matches found
EUVD-2024-23199
Malicious code in bioql PyPI...
CVE-2024-25897
ChurchCRM 5.5.0 FRCatalog.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...
CVE-2025-1134 SQL Injection in ChurchCRM CurrentFundraiser Parameter via DonatedItemEditor.php
A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiting a boolean-based and time-based blind SQL Injection vulnerability in the DonatedItemEditor functionality. The CurrentFundraiser parameter is directly concatenated into an SQL...
ChurchCRM Security Vulnerability
ChurchCRM is an open source CRM system built for churches by ChurchCRM Open Source. A security vulnerability exists in ChurchCRM 5.13.0 and earlier versions, which stems from the CurrentFundraiser parameter being directly concatenated into a SQL query without sufficient sanitization, which can be exploited...
ChurchCRM Security Vulnerability
ChurchCRM is an open source CRM system built for churches by ChurchCRM Open Source. A security vulnerability exists in ChurchCRM 5.13.0 and earlier versions, which stems from the CurrentFundraiser parameter being directly concatenated into a SQL query without sufficient sanitization, which can be exploited...
Unspecified Vulnerability in ChurchCRM (CNVD-2024-35648)
ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM version 5.5.0 that stems from a time-based blind SQL injection vulnerability in the CurrentFundraiser GET parameter of the FRCatalog.php page. No details of the vulnerability are provided at this tim...
ChurchCRM Security Vulnerability
ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM version 5.5.0 that stems from a time-based blind SQL injection vulnerability in the CurrentFundraiser GET parameter of the FRCatalog.php page. No details of the vulnerability are provided at this tim...
ChurchCRM Security Breach
ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM version 5.5.0, which stems from a time-based blind SQL injection vulnerability in the CurrentFundraiser GET parameter of the FRBidSheets.php page...
ChurchCRM Security Breach
ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM version 5.5.0, which stems from a time-based blind SQL injection vulnerability in the CurrentFundraiser GET parameter of the FRCertificates.php page...
PT-2024-21190 · Churchcrm · Churchcrm
Name of the Vulnerable Software and Affected Versions: ChurchCRM version 5.5.0 Description: The issue concerns a Blind SQL Injection vulnerability, specifically time-based, in the FRCatalog.php file. This vulnerability can be exploited via the CurrentFundraiser GET parameter in the API endpoint...