28 matches found
CVE-2026-35566
...
EUVD-2024-23199
Malicious code in bioql PyPI...
CVE-2024-25897
ChurchCRM 5.5.0 FRCatalog.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...
CVE-2024-25893
ChurchCRM 5.5.0 FRCertificates.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...
CVE-2024-25891
ChurchCRM 5.5.0 FRBidSheets.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...
Blind SQL Injection Vulnerability in ChurchCRM FRBidSheets.php Page
ChurchCRM is an open source church management system. ChurchCRM suffers from a blind SQL injection vulnerability that stems from a time-based SQL blind injection vulnerability in the CurrentFundraiser GET parameter of the FRBidSheets.php page. An attacker can exploit this vulnerability to perform...
ChurchCRM DonateItemEditor Feature Blind SQL Injection Vulnerability
ChurchCRM is an open source church management system. ChurchCRM suffers from a blind SQL injection vulnerability that stems from the CurrentFundraiser parameter being directly connected to a SQL query without sufficient cleanup, which can be exploited by an attacker to execute arbitrary SQL queri...
CVE-2025-1135 SQL Injection in ChurchCRM CurrentFundraiser Parameter via BatchWinnerEntry.php
A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiting a boolean-based and time-based blind SQL Injection vulnerability in the BatchWinnerEntry functionality. The CurrentFundraiser parameter is directly concatenated into an SQL...
CVE-2025-1134 SQL Injection in ChurchCRM CurrentFundraiser Parameter via DonatedItemEditor.php
A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiting a boolean-based and time-based blind SQL Injection vulnerability in the DonatedItemEditor functionality. The CurrentFundraiser parameter is directly concatenated into an SQL...
ChurchCRM Security Vulnerability
ChurchCRM is an open source CRM system built for churches by ChurchCRM Open Source. A security vulnerability exists in ChurchCRM 5.13.0 and earlier versions, which stems from the CurrentFundraiser parameter being directly connected to a SQL query without sufficient cleanup, which can be exploited...
ChurchCRM Security Vulnerability
ChurchCRM is an open source CRM system built for churches by ChurchCRM Open Source. A security vulnerability exists in ChurchCRM 5.13.0 and earlier versions, which stems from the CurrentFundraiser parameter being directly connected to a SQL query without sufficient cleanup, which can be exploited...
Unspecified Vulnerability in ChurchCRM (CNVD-2024-35648)
ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM version 5.5.0 that stems from a time-based SQL blind injection vulnerability in the CurrentFundraiser GET parameter of the FRCatalog.php page. No details of the vulnerability are provided at this tim...
CVE-2024-25893
ChurchCRM 5.5.0 FRCertificates.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...
CVE-2024-25897
ChurchCRM 5.5.0 FRCatalog.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...
CVE-2024-25893
ChurchCRM 5.5.0 FRCertificates.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...
CVE-2024-25891
ChurchCRM 5.5.0 FRBidSheets.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...
SQL injection
ChurchCRM 5.5.0 FRCatalog.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...
SQL injection
ChurchCRM 5.5.0 FRBidSheets.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...
ChurchCRM Security Vulnerability
ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM version 5.5.0 that stems from a time-based SQL blind injection vulnerability in the CurrentFundraiser GET parameter of the FRCatalog.php page. No details of the vulnerability are provided at this tim...
ChurchCRM Security Breach
ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM version 5.5.0, which stems from a time-based SQL blind injection vulnerability in the CurrentFundraiser GET parameter of the FRBidSheets.php page...