CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

RedhatCVE•added 2025/05/23 9:45 a.m.•7 views

CVE-2024-25892

ChurchCRM 5.5.0 ConfirmReport.php is vulnerable to Blind SQL Injection Time-based via the familyId GET parameter...

8.1CVSS8.1AI score0.00214EPSS

Exploits1References1

NVD•added 2024/02/21 6:15 p.m.•10 views

CVE-2024-25892

ChurchCRM 5.5.0 ConfirmReport.php is vulnerable to Blind SQL Injection Time-based via the familyId GET parameter...

8.1CVSS7.7AI score0.00214EPSS

Exploits1References1

Cvelist•added 2024/02/21 12:0 a.m.•11 views

CVE-2024-25892

ChurchCRM 5.5.0 ConfirmReport.php is vulnerable to Blind SQL Injection Time-based via the familyId GET parameter...

8AI score0.00214EPSS

Exploits1References1

CNNVD•added 2024/02/21 12:0 a.m.•1 views

ChurchCRM Security Breach

ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM version 5.5.0, which stems from a SQL blind time-based vulnerability in the familyId GET parameter of the ConfirmReport.php page...

8.1CVSS7.4AI score0.00214EPSS

Exploits1References2

CVE•added 2024/02/21 12:0 a.m.•43 views

CVE-2024-25892

ChurchCRM 5.5.0 is affected by a Blind SQL Injection (time-based) in ConfirmReport.php, exploitable via the familyId GET parameter. The CVE indicates a high-severity issue with impact on confidentiality, integrity, and availability, and a network attack vector with no user interaction required. R...

8.1CVSS8AI score0.00214EPSS

Exploits1References1Affected Software1