9 matches found
CVE-2025-67877
ChurchCRM is an open-source church management system. Versions prior to 6.5.3 have a SQL injection vulnerability in the src/CartToFamily.php file, specifically in how the PersonAddress POST parameter is handled. Unlike other parameters in the same file which are correctly cast to integers using t...
CVE-2025-67877
ChurchCRM is an open-source church management system. Versions prior to 6.5.3 have a SQL injection vulnerability in the src/CartToFamily.php file, specifically in how the PersonAddress POST parameter is handled. Unlike other parameters in the same file which are correctly cast to integers using t...
EUVD-2025-203991
ChurchCRM is an open-source church management system. Versions prior to 6.5.3 have a SQL injection vulnerability in the src/CartToFamily.php file, specifically in how the PersonAddress POST parameter is handled. Unlike other parameters in the same file which are correctly cast to integers using t...
CVE-2025-67877 ChurchCRM SQL Injection Vulnerability
ChurchCRM is an open-source church management system. Versions prior to 6.5.3 have a SQL injection vulnerability in the src/CartToFamily.php file, specifically in how the PersonAddress POST parameter is handled. Unlike other parameters in the same file which are correctly cast to integers using t...
CVE-2025-67877 ChurchCRM SQL Injection Vulnerability
ChurchCRM is an open-source church management system. Versions prior to 6.5.3 have a SQL injection vulnerability in the src/CartToFamily.php file, specifically in how the PersonAddress POST parameter is handled. Unlike other parameters in the same file which are correctly cast to integers using t...
CVE-2025-67877 ChurchCRM SQL Injection Vulnerability
ChurchCRM is an open-source church management system. Versions prior to 6.5.3 have a SQL injection vulnerability in the src/CartToFamily.php file, specifically in how the PersonAddress POST parameter is handled. Unlike other parameters in the same file which are correctly cast to integers using t...
CVE-2025-67877
ChurchCRM before version 6.5.3 has a SQL injection vulnerability in src/CartToFamily.php related to handling of the PersonAddress POST parameter. Unlike other parameters, PersonAddress is not explicitly cast to an integer, enabling injection of arbitrary SQL statements into the query. The issue i...
ChurchCRM SQL Injection Vulnerability
ChurchCRM is an open source church management system. ChurchCRM suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements for the PersonAddress parameter in the src/CartToFamily.php file. No details of the vulnerability are provided at...
PT-2025-51926
Name of the Vulnerable Software and Affected Versions: ChurchCRM versions prior to 6.5.3. Description: ChurchCRM, an open-source church management system, contains a SQL injection issue. The vulnerability resides in the src/CartToFamily.php file, specifically in the handling of the PersonAddress POS...