Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
churchcrm vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-38764
SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote malicious user to obtain sensitive information via the birthmonth and percls parameters within the /QueryView.php.
Churchcrm Churchcrm 5.0.0
7.5
CVSSv3
CVE-2023-38765
SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote malicious user to obtain sensitive information via the membermonth parameter within the /QueryView.php.
Churchcrm Churchcrm 5.0.0
5.4
CVSSv3
CVE-2023-38766
Cross Site Scripting (XSS) vulnerability in ChurchCRM v.5.0.0 allows a remote malicious user to execute arbitrary code via a crafted payload to the PersonView.php component.
Churchcrm Churchcrm 5.0.0
7.5
CVSSv3
CVE-2023-38767
SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote malicious user to obtain sensitive information via the 'value' and 'custom' parameters within the /QueryView.php.
Churchcrm Churchcrm 5.0.0
7.5
CVSSv3
CVE-2023-38768
SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote malicious user to obtain sensitive information via the PropertyID parameter within the /QueryView.php.
Churchcrm Churchcrm 5.0.0
7.5
CVSSv3
CVE-2023-38769
SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote malicious user to obtain sensitive information via the searchstring and searchwhat parameters within the /QueryView.php.
Churchcrm Churchcrm 5.0.0
7.5
CVSSv3
CVE-2023-38770
SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote malicious user to obtain sensitive information via the group parameter within the /QueryView.php.
Churchcrm Churchcrm 5.0.0
7.5
CVSSv3
CVE-2023-38771
SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote malicious user to obtain sensitive information via the volopp parameter within the /QueryView.php.
Churchcrm Churchcrm 5.0.0
7.5
CVSSv3
CVE-2023-38773
SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote malicious user to obtain sensitive information via the volopp1 and volopp2 parameters within the /QueryView.php.
Churchcrm Churchcrm 5.0.0
4.3
CVSSv3
CVE-2023-26839
A cross-site request forgery (CSRF) vulnerability in ChurchCRM v4.5.3 allows malicious users to edit information for existing people on the site.
Churchcrm Churchcrm 4.5.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »