VYPR

CRM

by Churchcrm

Source repositories

CVEs (43)

  • CVE-2024-25891Feb 21, 2024
    risk 0.00cvss epss 0.01

    ChurchCRM 5.5.0 FRBidSheets.php is vulnerable to Blind SQL Injection (Time-based) via the CurrentFundraiser GET parameter.

  • CVE-2023-24684Feb 9, 2023
    risk 0.00cvss epss 0.01

    ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the EID parameter at GetText.php.

  • CVE-2022-36137Nov 29, 2022
    risk 0.00cvss epss 0.00

    ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to store XSS via location input sHeader.

Page 3 of 3