Lucene search
+L

5 matches found

NVD
NVD
added 2023/08/08 4:15 p.m.27 views

CVE-2023-38767

SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the 'value' and 'custom' parameters within the /QueryView.php...

7.5CVSS7.6AI score0.0071EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/08/08 12:0 a.m.14 views

CVE-2023-38767

SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the 'value' and 'custom' parameters within the /QueryView.php...

7.3AI score0.0071EPSS
Exploits0References4
CVE
CVE
added 2023/08/08 12:0 a.m.43 views

CVE-2023-38767

ChurchCRM v5.0.0 is affected by an SQL injection in /QueryView.php, exploitable via the value and custom parameters. Root cause: unsafely constructed SQL queries in that endpoint allow remote disclosure of sensitive information. Exploitation in the wild is not documented in the provided sources; ...

7.5CVSS7.5AI score0.0071EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/08/08 12:0 a.m.32 views

CVE-2023-38767

SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the 'value' and 'custom' parameters within the /QueryView.php...

7.8AI score0.0071EPSS
Exploits0References4
OSV
OSV
added 2023/08/08 12:0 a.m.14 views

CVE-2023-38767

SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the 'value' and 'custom' parameters within the /QueryView.php...

7.5CVSS7.6AI score0.0071EPSS
Exploits0References6
Rows per page
Query Builder