3 matches found
CVE-2022-1084
CVE-2022-1084 affects SourceCodester One Church Management System 1.0. An authentication bypass is caused by improper access control in /one_church/userregister.php, enabling remote exploitation. Documented as critical (CVSSv3.1 base score 9.8; CVSSv2 7.5). No remediation or exploit details are p...
CVE-2022-1080
CVE-2022-1080 affects SourceCodester One Church Management System 1.0. The vulnerability is a SQL injection in the attendancy.php file caused by unsafely handling the search2 parameter, allowing an attacker to manipulate SQL statements. Exploitation can be performed remotely. The available connec...
CVE-2022-1079
CVE-2022-1079 affects SourceCodester One Church Management System (churchprofile.php and other files/parameters) with a cross-site scripting vulnerability due to insufficient input validation and output encoding. Impact: an attacker can remotely craft inputs to execute JavaScript in a victim’s br...