Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
churchcrm churchcrm 4.4.5 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2022-31325
There is a SQL Injection vulnerability in ChurchCRM 4.4.5 via the 'PersonID' field in /churchcrm/WhyCameEditor.php.
Churchcrm Churchcrm 4.4.5
NA
CVE-2022-36136
ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow malicious users to store XSS via location input Deposit Comment.
Churchcrm Churchcrm 4.4.5
NA
CVE-2022-36137
ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow malicious users to store XSS via location input sHeader.
Churchcrm Churchcrm 4.4.5
6.5
CVSSv2
CVE-2021-41965
A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4.5 that allows an authenticated malicious user to issue an arbitrary SQL command to the database through the unsanitized EN_tyid, theID and EID fields used when an Edit action on an existing record is being per...
Churchcrm Churchcrm
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started