Lucene search
K
CampcodesChurch Management System

9 matches found

CVE
CVE
added 2024/04/10 5:0 a.m.62 views

CVE-2024-3539

CVE-2024-3539 affects Campcodes Church Management System 1.0. A SQL injection vulnerability exists in the /admin/addgiving.php file, caused by improper handling of the amount parameter. The attack is remotely exploitable and has publicly disclosed exploit information. Affected CVSS metrics indica...

8.8CVSS7.3AI score0.00882EPSS
Web
CVE
CVE
added 2024/04/10 5:31 a.m.58 views

CVE-2024-3541

CVE-2024-3541 affects Campcodes Church Management System 1.0, with a cross-site scripting vulnerability in the /admin/admin_user.php file. The flaw is triggered by manipulating the firstname parameter and can be exploited remotely; multiple sources note that the exploit has been disclosed publicl...

6.1CVSS6.2AI score0.00686EPSS
Web
CVE
CVE
added 2024/04/10 4:31 a.m.57 views

CVE-2024-3538

The CVE-2024-3538 entry covers Campcodes Church Management System 1.0, where an SQL injection affects an unknown function in /admin/addTithes.php via the na parameter. The vulnerability can be exploited remotely and has been disclosed publicly. No remediation or patch details are provided in the ...

8.8CVSS7.3AI score0.00882EPSS
Web
CVE
CVE
added 2024/04/10 5:0 a.m.57 views

CVE-2024-3540

CVE-2024-3540 affects Campcodes Church Management System 1.0. Affected component: /admin/add_sundaysch.php where the Gender parameter can be manipulated to trigger SQL injection. Root cause: unsanitized input in a server-side query, enabling remote exploitation. Publicly disclosed exploit exists....

8.8CVSS7.3AI score0.00882EPSS
Web
CVE
CVE
added 2024/04/10 2:31 a.m.55 views

CVE-2024-3534

CVE-2024-3534 affects Campcodes Church Management System 1.0. The issue is a SQL injection in login.php via the password parameter, enabling remote exploitation. Several connected sources confirm a critical risk (network vector, low attack complexity, no privileges required) and that the vulnerab...

9.8CVSS7.4AI score0.01067EPSS
CVE
CVE
added 2024/04/10 3:31 a.m.55 views

CVE-2024-3536

CVE-2024-3536 affects Campcodes Church Management System 1.0. The vulnerability is a SQL injection in the /admin/delete_log.php file caused by unsafely handling the selector parameter. Exploitation is possible remotely, and public exploit information has been disclosed. Impact is described variab...

8.8CVSS7.5AI score0.00882EPSS
Web
CVE
CVE
added 2024/04/10 3:0 a.m.54 views

CVE-2024-3535

CVE-2024-3535 describes a critical SQL injection in Campcodes Church Management System 1.0, arising from the password parameter in /admin/index.php. The vulnerability permits remote exploitation and has publicly disclosed exploits (VDB-259905). Multiple sources corroborate the issue and its linka...

9.8CVSS7.4AI score0.01067EPSS
Web
CVE
CVE
added 2024/04/10 4:0 a.m.53 views

CVE-2024-3537

CVE-2024-3537 affects Campcodes Church Management System 1.0. The vulnerability lies in the /admin/admin_user.php file, where manipulation of the firstname parameter enables SQL injection due to improper input handling. The issue can be triggered remotely, and public exploit disclosures exist. Af...

8.8CVSS7.3AI score0.00882EPSS
Web
CVE
CVE
added 2024/04/10 6:0 a.m.46 views

CVE-2024-3542

Campcodes Church Management System 1.0 contains a cross-site scripting vulnerability in /admin/add_visitor.php, triggered by the mobile parameter. Description indicates remote initiation and publicly disclosed exploit; CVSS metrics cite MEDIUM impact overall (NVD 6.1). Connected sources corrobora...

6.1CVSS6.3AI score0.00689EPSS
Web