漏洞描述
ChurchCRM存在SQL注入漏洞。此漏洞是由于GetText.php对用户发送的请求缺乏校验导致的。
ChurchCRM GetText.php SQL注入漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2025-1023: ChurchCRM - SQL Injection
- POC churchcrm-default-login: ChurchCRM - Default Login
- POC churchcrm-installer: ChurchCRM - Setup Exposure
- POC CVE-2023-25346: ChurchCRM 4.5.3 - Cross-Site Scripting
- POC CVE-2023-26842: ChurchCRM 4.5.3 - Cross-Site Scripting
- POC CVE-2023-26843: ChurchCRM 4.5.3 - Cross-Site Scripting
- POC CVE-2023-31548: ChurchCRM v4.5.3 - Cross-Site Scripting
- POC churchcrm-xss: ChurchCRM - Cross-Site Scripting