Lucene search
K

4 matches found

EUVD
EUVD
added 2026/05/12 10:30 p.m.20 views

EUVD-2026-29884

ChurchCRM is an open-source church management system. From 7.2.0 to 7.2.2, The fix for CVE-2026-4058 is incomplete. The hardening commit was merged and then silently stripped from src/api/routes/public/public-user.php by an unrelated PR before any 7.2.x tag was cut. Every shipped 7.2.x release...

9.6CVSS5.8AI score0.00209EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

ChurchCRM 授权问题漏洞

ChurchCRM is an open-source CRM system developed for churches. Versions 7.2.0 to 7.2.2 of ChurchCRM have vulnerabilities related to authorization. These vulnerabilities stem from incomplete fixes to the CVE-2026-4058 vulnerability, which may allow attackers to exploit the PoC Proof of Concept...

9.6CVSS5.8AI score0.00209EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.13 views

PT-2026-40463

ChurchCRM is an open-source church management system. From 7.2.0 to 7.2.2, The fix for CVE-2026-4058 is incomplete. The hardening commit was merged and then silently stripped from src/api/routes/public/public-user.php by an unrelated PR before any 7.2.x tag was cut. Every shipped 7.2.x release...

9.6CVSS5.8AI score0.00209EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.11 views

PT-2026-40554

Name of the Vulnerable Software and Affected Versions User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration versions prior to 4.3.3 Description The plugin is subject to unauthorized data modification because the user subscription cancel function lacks...

4.3CVSS5.5AI score0.00153EPSS
Exploits0References8
Rows per page
Query Builder