EUVD-2023-28695

Malicious code in bioql PyPI...

PT-2024-25599 · Paypal · Paypal

Name of the Vulnerable Software and Affected Versions: PayPal, Credit Card and Debit Card Payment version 1.0 Description: A SQL injection issue affects the payment system, allowing an attacker to send a specially crafted query to the server. This could enable the retrieval of all stored...

ChurchCRM 4.5.1 SQL Injection

Exploit Title: ChurchCRM 4.5.1 - Authenticated SQL Injection Date: 11-03-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24787/CVE-2023-24787.md Software Link: https://github.com/ChurchCRM/CRM/releases Vendor Homepage: http://churchcrm.io/ Version: 4.5.1...

CVE-2023-24685

ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the Event parameter under the Event Attendance reports module...

CVE-2023-24685

ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the Event parameter under the Event Attendance reports module...

CVE-2023-24685

ChurchCRM v4.5.3 and earlier contains a SQL injection in the Event Attendance reports module, triggered by the Event parameter. The vulnerability stems from an improper handling of input in the Event Attendance page, enabling unauthorized access to potentially sensitive data. Several sources conf...

CVE-2023-24685

ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the Event parameter under the Event Attendance reports module...