6 matches found
EUVD-2023-28695
Malicious code in bioql PyPI...
ChurchCRM 4.5.1 SQL Injection
Exploit Title: ChurchCRM 4.5.1 - Authenticated SQL Injection Date: 11-03-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24787/CVE-2023-24787.md Software Link: https://github.com/ChurchCRM/CRM/releases Vendor Homepage: http://churchcrm.io/ Version: 4.5.1...
CVE-2023-24685
ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the Event parameter under the Event Attendance reports module...
CVE-2023-24685
ChurchCRM v4.5.3 and earlier contains a SQL injection in the Event Attendance reports module, triggered by the Event parameter. The vulnerability stems from an improper handling of input in the Event Attendance page, enabling unauthorized access to potentially sensitive data. Several sources conf...
CVE-2023-24685
ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the Event parameter under the Event Attendance reports module...
CVE-2023-24685
ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the Event parameter under the Event Attendance reports module...