CVE-2024-25891

ChurchCRM 5.5.0 FRBidSheets.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...

ChurchCRM Security Breach

ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM version 5.5.0, which stems from a time-based SQL blind injection vulnerability in the CurrentFundraiser GET parameter of the FRBidSheets.php page...

PT-2024-21184 · Churchcrm · Churchcrm

Name of the Vulnerable Software and Affected Versions: ChurchCRM version 5.5.0 Description: The issue concerns a Blind SQL Injection vulnerability, specifically time-based, that can be exploited via the CurrentFundraiser GET parameter in the FRBidSheets.php file. Recommendations: For ChurchCRM...