Church Management System
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-41643 | 0.01 | — | 0.04 | Oct 29, 2021 | Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Management System 1.0 via the image upload field. | |||
| CVE-2022-45328 | 0.00 | — | 0.01 | Nov 30, 2022 | Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_members.php. | |||
| CVE-2022-41406 | 0.00 | — | 0.01 | Oct 11, 2022 | An arbitrary file upload vulnerability in the /admin/admin_pic.php component of Church Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | |||
| CVE-2022-38595 | 0.00 | — | 0.01 | Sep 15, 2022 | Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_user.php. | |||
| CVE-2022-38594 | 0.00 | — | 0.01 | Sep 15, 2022 | Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_visitor.php. | |||
| CVE-2022-38605 | 0.00 | — | 0.01 | Sep 12, 2022 | Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_event.php. | |||
| CVE-2022-2680 | 0.00 | — | 0.01 | Aug 5, 2022 | A vulnerability classified as critical has been found in SourceCodester Church Management System 1.0. Affected is an unknown function of the file /login.php. The manipulation of the argument username with the input ' OR (SELECT 7064 FROM(SELECT… | |||
| CVE-2022-1084 | 0.00 | — | 0.01 | Mar 29, 2022 | A vulnerability classified as critical was found in SourceCodester One Church Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /one_church/userregister.php. The manipulation leads to authentication bypass. The attack can be launched… | |||
| CVE-2022-1080 | 0.00 | — | 0.01 | Mar 29, 2022 | A vulnerability was found in SourceCodester One Church Management System 1.0. It has been declared as critical. This vulnerability affects code of the file attendancy.php as the manipulation of the argument search2 leads to sql injection. The attack can be initiated remotely. | |||
| CVE-2022-1079 | 0.00 | — | 0.01 | Mar 29, 2022 | A vulnerability classified as problematic has been found in SourceCodester One Church Management System. Affected are multiple files and parameters which are prone to to cross site scripting. It is possible to launch the attack remotely. |
- CVE-2021-41643Oct 29, 2021risk 0.01cvss —epss 0.04
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Management System 1.0 via the image upload field.
- CVE-2022-45328Nov 30, 2022risk 0.00cvss —epss 0.01
Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_members.php.
- CVE-2022-41406Oct 11, 2022risk 0.00cvss —epss 0.01
An arbitrary file upload vulnerability in the /admin/admin_pic.php component of Church Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
- CVE-2022-38595Sep 15, 2022risk 0.00cvss —epss 0.01
Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_user.php.
- CVE-2022-38594Sep 15, 2022risk 0.00cvss —epss 0.01
Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_visitor.php.
- CVE-2022-38605Sep 12, 2022risk 0.00cvss —epss 0.01
Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_event.php.
- CVE-2022-2680Aug 5, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Church Management System 1.0. Affected is an unknown function of the file /login.php. The manipulation of the argument username with the input ' OR (SELECT 7064 FROM(SELECT…
- CVE-2022-1084Mar 29, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in SourceCodester One Church Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /one_church/userregister.php. The manipulation leads to authentication bypass. The attack can be launched…
- CVE-2022-1080Mar 29, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester One Church Management System 1.0. It has been declared as critical. This vulnerability affects code of the file attendancy.php as the manipulation of the argument search2 leads to sql injection. The attack can be initiated remotely.
- CVE-2022-1079Mar 29, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as problematic has been found in SourceCodester One Church Management System. Affected are multiple files and parameters which are prone to to cross site scripting. It is possible to launch the attack remotely.