CVE-2025-1599

A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/app/profilecrud.php. The manipulation of the argument oldcatimg leads to path traversal: '../filedir'. The...

CVE-2025-2606

CVE-2025-2606 affects SourceCodester Best Church Management Software 1.0. The vulnerability arises from improper handling of the photo/photo1 parameter in /admin/app/soulwinning_crud.php, enabling unrestricted file upload. It is possible to trigger remotely, and the exploit has been disclosed pub...

CVE-2025-1597

A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/redirect.php. The manipulation of the argument a leads to cross site scripting. It is possible to launch the attack remotely...

SourceCodester Best Church Management Software 注入漏洞

SourceCodester Best Church Management Software is an open source church management software from Sourcecodester. An injection vulnerability exists in SourceCodester Best Church Management Software version 1.1, which stems from an incorrect manipulation of the parameter id that can lead to SQL...