Lucene search
+L

28 matches found

CVE
CVE
added 2024/02/21 12:0 a.m.68 views

CVE-2024-25897

CVE-2024-25897 affects ChurchCRM 5.5.0, specifically the FRCatalog.php endpoint where a time-based blind SQL injection is exploitable via the CurrentFundraiser GET parameter. Attack surface: web/API call to FRCatalog.php with CurrentFundraiser values can yield high-impact exposure (as reflected i...

9.8CVSS8AI score0.01554EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/21 12:0 a.m.10 views

CVE-2024-25893

ChurchCRM 5.5.0 FRCertificates.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...

8.1AI score0.00366EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/02/21 12:0 a.m.6 views

ChurchCRM 安全漏洞

ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM version 5.5.0 that stems from a time-based SQL blind injection vulnerability in the CurrentFundraiser GET parameter of the FRCatalog.php page. No details of the vulnerability are provided at this tim...

9.8CVSS7.8AI score0.01554EPSS
Exploits2References2
Cvelist
Cvelist
added 2024/02/21 12:0 a.m.23 views

CVE-2024-25891

ChurchCRM 5.5.0 FRBidSheets.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...

8AI score0.00578EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/02/21 12:0 a.m.22 views

CVE-2024-25893

ChurchCRM 5.5.0 FRCertificates.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...

8AI score0.00366EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/02/21 12:0 a.m.8 views

PT-2024-21190 · Churchcrm · Churchcrm

Name of the Vulnerable Software and Affected Versions: ChurchCRM version 5.5.0 Description: The issue concerns a Blind SQL Injection vulnerability, specifically time-based, in the FRCatalog.php file. This vulnerability can be exploited via the CurrentFundraiser GET parameter in the API endpoint...

9.8CVSS8.4AI score0.01554EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2024/02/21 12:0 a.m.11 views

CVE-2024-25891

ChurchCRM 5.5.0 FRBidSheets.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...

8.1AI score0.00578EPSS
Exploits1References1
OSV
OSV
added 2024/02/21 12:0 a.m.7 views

CVE-2024-25893

ChurchCRM 5.5.0 FRCertificates.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...

9.1CVSS8AI score0.00366EPSS
Exploits1References3
Rows per page
Query Builder