Lucene search
K

4 matches found

EUVD
EUVD
added 2026/05/12 10:30 p.m.20 views

EUVD-2026-29884

ChurchCRM is an open-source church management system. From 7.2.0 to 7.2.2, The fix for CVE-2026-4058 is incomplete. The hardening commit was merged and then silently stripped from src/api/routes/public/public-user.php by an unrelated PR before any 7.2.x tag was cut. Every shipped 7.2.x release...

9.6CVSS5.8AI score0.00209EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

ChurchCRM 授权问题漏洞

ChurchCRM is an open-source CRM system developed for churches. Versions 7.2.0 to 7.2.2 of ChurchCRM have vulnerabilities related to authorization. These vulnerabilities stem from incomplete fixes to the CVE-2026-4058 vulnerability, which may allow attackers to exploit the PoC Proof of Concept...

9.6CVSS5.8AI score0.00209EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.11 views

PT-2026-40554

Name of the Vulnerable Software and Affected Versions User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration versions prior to 4.3.3 Description The plugin is subject to unauthorized data modification because the user subscription cancel function lacks...

4.3CVSS5.5AI score0.00153EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.16 views

PT-2026-40463

ChurchCRM is an open-source church management system. From 7.2.0 to 7.2.2, The fix for CVE-2026-4058 is incomplete. The hardening commit was merged and then silently stripped from src/api/routes/public/public-user.php by an unrelated PR before any 7.2.x tag was cut. Every shipped 7.2.x release...

9.6CVSS5.8AI score0.00209EPSS
Exploits0References5
Rows per page
Query Builder