ChurchCRM 漏洞列表
共找到 9 个与 ChurchCRM 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2023-25346: ChurchCRM 4.5.3 - Cross-Site Scripting POC
A reflected cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found. -
CVE-2023-26842: ChurchCRM 4.5.3 - Cross-Site Scripting POC
A stored Cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the OptionManager.php. -
CVE-2023-26843: ChurchCRM 4.5.3 - Cross-Site Scripting POC
A stored Cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the NoteEditor.php. -
CVE-2023-31548: ChurchCRM v4.5.3 - Cross-Site Scripting POC
A stored Cross-site scripting (XSS) vulnerability in the FundRaiserEditor.php component of ChurchCRM v4.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. -
CVE-2023-25346: ChurchCRM 4.5.3 - Cross-Site Scripting POC
A reflected cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found. -
CVE-2023-26842: ChurchCRM 4.5.3 - Cross-Site Scripting POC
A stored Cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the OptionManager.php. -
CVE-2023-26843: ChurchCRM 4.5.3 - Cross-Site Scripting POC
A stored Cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the NoteEditor.php. -
CVE-2023-31548: ChurchCRM v4.5.3 - Cross-Site Scripting POC
A stored Cross-site scripting (XSS) vulnerability in the FundRaiserEditor.php component of ChurchCRM v4.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. -
ChurchCRM GetText.php SQL注入漏洞 无POC
ChurchCRM存在SQL注入漏洞。此漏洞是由于GetText.php对用户发送的请求缺乏校验导致的。