EUVD-2026-19771

ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authenticated administrators to upload arbitrary files and achieve remote code execution by overwriting Apache .htaccess configuration files. The...

PT-2026-30940

ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authenticated administrators to upload arbitrary files and achieve remote code execution by overwriting Apache .htaccess configuration files. The...

Reading Apache htaccess Files (win)

Reading Apache htaccess Files This script get the AuthUserFile configuration of an list of Apache htaccess files. OpenVAS Vulnerability Test $Id: GSHBReadApachehtaccessfiles.nasl 7293 2017-09-27 08:49:48Z cfischer $ Reading Apache htaccess Files win Authors: Thomas Rotter Copyright: Copyright c...

apr-util heap buffer underwrite

The aprstrmatchprecompile function in strmatch/aprstrmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service daemon crash via crafted input involving 1 a .htaccess file used with the Apache HTTP Server, 2 the SVNMasterURI directive in the moddavsvn module in t...

Privelege escalation via Apache .htaccess buffer overflow

Oversized line in .htaccess causes buffer overflow...