3 matches found
Sql injection
Multiple SQL injection vulnerabilities in admin.php in ChurchCMS 0.0.1 allow remote attackers to execute arbitrary SQL commands via the 1 uname or 2 pass parameters in a login action...
CVE-2012-6507
CVE-2012-6507 affects ChurchCMS 0.0.1: SQL injection vulnerabilities in admin.php allowing remote attackers to execute arbitrary SQL via the login parameters (uname or pass). The root cause is improper input handling in the login action, leading to data exposure/integrity risks. Affected componen...
CVE-2012-6507
Multiple SQL injection vulnerabilities in admin.php in ChurchCMS 0.0.1 allow remote attackers to execute arbitrary SQL commands via the 1 uname or 2 pass parameters in a login action...