
4695 matches found

NVD
added 2024/02/21 6:15 p.m. · 10 views

CVE-2024-25893

ChurchCRM 5.5.0 FRCertificates.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...

CVSS 9.1 · AI score 7.7 · EPSS 0.00366
Exploits: 1 · References: 1

NVD
added 2024/02/21 6:15 p.m. · 11 views

CVE-2024-25892

ChurchCRM 5.5.0 ConfirmReport.php is vulnerable to Blind SQL Injection Time-based via the familyId GET parameter...

CVSS 8.1 · AI score 7.7 · EPSS 0.00576
Exploits: 1 · References: 1

NVD
added 2024/02/21 6:15 p.m. · 14 views

CVE-2024-25897

ChurchCRM 5.5.0 FRCatalog.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...

CVSS 9.8 · AI score 7.7 · EPSS 0.01554
Exploits: 2 · References: 1

NVD
added 2024/02/21 6:15 p.m. · 35 views

CVE-2024-25896

ChurchCRM 5.5.0 EventEditor.php is vulnerable to Blind SQL Injection Time-based via the EID POST parameter...

CVSS 5.3 · AI score 7.7 · EPSS 0.00427
Exploits: 1 · References: 1

OSV
added 2024/02/21 6:15 p.m. · 7 views

CVE-2024-25893

ChurchCRM 5.5.0 FRCertificates.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...

CVSS 9.1 · AI score 8
Exploits: 0 · References: 1

Prion
added 2024/02/21 6:15 p.m. · 15 views

Sql injection

ChurchCRM 5.5.0 ConfirmReport.php is vulnerable to Blind SQL Injection Time-based via the familyId GET parameter...

AI score 8.8 · EPSS 0.00576
Exploits: 1 · References: 1

Prion
added 2024/02/21 6:15 p.m. · 10 views

Sql injection

ChurchCRM 5.5.0 FRCertificates.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...

AI score 8.8 · EPSS 0.00366
Exploits: 1 · References: 1

Prion
added 2024/02/21 6:15 p.m. · 16 views

Sql injection

ChurchCRM 5.5.0 FRCatalog.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...

AI score 8.8 · EPSS 0.01554
Exploits: 2 · References: 1

Prion
added 2024/02/21 6:15 p.m. · 17 views

Sql injection

ChurchCRM 5.5.0 /EventEditor.php is vulnerable to Blind SQL Injection Time-based via the EventCount POST parameter...

AI score 8.8 · EPSS 0.00654
Exploits: 1 · References: 1

Prion
added 2024/02/21 6:15 p.m. · 18 views

Sql injection

ChurchCRM 5.5.0 EventEditor.php is vulnerable to Blind SQL Injection Time-based via the EID POST parameter...

AI score 8.8 · EPSS 0.00427
Exploits: 1 · References: 1

Vulnrichment
added 2024/02/21 12:00 a.m. · 13 views

CVE-2024-25892

ChurchCRM 5.5.0 ConfirmReport.php is vulnerable to Blind SQL Injection Time-based via the familyId GET parameter...

AI score 8.1 · EPSS 0.00576
Exploits: 1 · References: 1

Vulnrichment
added 2024/02/21 12:00 a.m. · 10 views

CVE-2024-25893

ChurchCRM 5.5.0 FRCertificates.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...

AI score 8.1 · EPSS 0.00366
Exploits: 1 · References: 1

Cvelist
added 2024/02/21 12:00 a.m. · 11 views

CVE-2024-25891

ChurchCRM 5.5.0 FRBidSheets.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...

AI score 8 · EPSS 0.00578
Exploits: 1 · References: 1

CVE
added 2024/02/21 12:00 a.m. · 40 views

CVE-2024-25894

CVE-2024-25894 affects ChurchCRM 5.5.0, specifically EventEditor.php, where a time-based blind SQL injection via the EventCount POST parameter is reported. Affected item: ChurchCRM 5.5.0 /EventEditor.php; vulnerability class: Blind SQL Injection (Time-based). Underlying cause and impact are state...

CVSS 9.8 · AI score 8 · EPSS 0.00654
Exploits: 1 · References: 1 · Affected Software: 1

Cvelist
added 2024/02/21 12:00 a.m. · 15 views

CVE-2024-25894

ChurchCRM 5.5.0 /EventEditor.php is vulnerable to Blind SQL Injection Time-based via the EventCount POST parameter...

AI score 8 · EPSS 0.00654
Exploits: 1 · References: 1

Vulnrichment
added 2024/02/21 12:00 a.m. · 13 views

CVE-2024-25894

ChurchCRM 5.5.0 /EventEditor.php is vulnerable to Blind SQL Injection Time-based via the EventCount POST parameter...

AI score 8.4 · EPSS 0.00654
Exploits: 1 · References: 1

CVE
added 2024/02/21 12:00 a.m. · 65 views

CVE-2024-25897

CVE-2024-25897 affects ChurchCRM 5.5.0, specifically the FRCatalog.php endpoint where a time-based blind SQL injection is exploitable via the CurrentFundraiser GET parameter. Attack surface: web/API call to FRCatalog.php with CurrentFundraiser values can yield high-impact exposure (as reflected i...

CVSS 9.8 · AI score 8 · EPSS 0.01554
Exploits: 2 · References: 1 · Affected Software: 1

Positive Technologies
added 2024/02/21 12:00 a.m. · 5 views

PT-2024-21184 · Churchcrm · Churchcrm

Name of the Vulnerable Software and Affected Versions: ChurchCRM version 5.5.0 Description: The issue concerns a Blind SQL Injection vulnerability, specifically time-based, that can be exploited via the CurrentFundraiser GET parameter in the FRBidSheets.php file. Recommendations: For ChurchCRM...

CVSS 7.5 · AI score 8.2 · EPSS 0.00578
Exploits: 1 · References: 4

CVE
added 2024/02/21 12:00 a.m. · 40 views

CVE-2024-25891

ChurchCRM 5.5.0 is vulnerable in FRBidSheets.php to a time-based blind SQL injection via the CurrentFundraiser GET parameter. Affected component: FRBidSheets.php; vulnerability type: blind SQLi (time-based) with potential disclosure of database information. CVSS metrics indicate NETWORK access, h...

CVSS 7.5 · AI score 8 · EPSS 0.00578
Exploits: 1 · References: 1 · Affected Software: 1

Cvelist
added 2024/02/21 12:00 a.m. · 37 views

CVE-2024-25896

ChurchCRM 5.5.0 EventEditor.php is vulnerable to Blind SQL Injection Time-based via the EID POST parameter...

AI score 8 · EPSS 0.00427
Exploits: 1 · References: 1