Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-42537

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.0071EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-42546

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.0071EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-30632

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00288EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:9 a.m.6 views

CVE-2023-38765

SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the membermonth parameter within the /QueryView.php...

7.5CVSS7.3AI score0.0071EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:58 a.m.5 views

CVE-2022-31325

There is a SQL Injection vulnerability in ChurchCRM 4.4.5 via the 'PersonID' field in /churchcrm/WhyCameEditor.php...

7.2CVSS8AI score0.04968EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:27 p.m.6 views

CVE-2020-28848

CSV Injection vulnerability in ChurchCRM version 4.2.0, allows remote attackers to execute arbitrary code via crafted CSV file...

8.8CVSS8.2AI score0.00948EPSS
Exploits1
CNNVD
CNNVD
added 2025/04/26 12:0 a.m.3 views

ChurchCRM 代码问题漏洞

ChurchCRM is an open source CRM system built for churches by ChurchCRM Open Source. A security vulnerability exists in ChurchCRM version 5.16.0 that stems from a server-side request forgery in the Referer Handler component...

6.3CVSS4.8AI score0.00483EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2023/08/11 12:0 a.m.12 views

CVE-2020-28848

CSV Injection vulnerability in ChurchCRM version 4.2.0, allows remote attackers to execute arbitrary code via crafted CSV file...

8.2AI score0.00948EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/08/08 12:0 a.m.4 views

ChurchCRM SQL注入漏洞

ChurchCRM is an open source CRM system for churches. ChurchCRM version v5.0.0 suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the friendmonths parameter in QueryView.php. An attacker can exploit this vulnerability to execute...

7.5CVSS8.2AI score0.0071EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/02/09 12:0 a.m.12 views

CVE-2023-24685

ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the Event parameter under the Event Attendance reports module...

8.5AI score0.01023EPSS
Exploits3References4
Prion
Prion
added 2022/11/29 4:15 a.m.17 views

Cross site scripting

ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to store XSS via location input Deposit Comment...

4.3CVSS5AI score0.00488EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/11/29 12:0 a.m.21 views

CVE-2022-36137

ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to store XSS via location input sHeader...

5.3AI score0.00488EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/11/29 12:0 a.m.31 views

CVE-2022-36136

ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to store XSS via location input Deposit Comment...

5.3AI score0.00488EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/11/29 12:0 a.m.7 views

CVE-2022-36137

ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to store XSS via location input sHeader...

5.3AI score0.00488EPSS
Exploits1References2
Rows per page
Query Builder