GHSA-px3r-mm7x-5xq2

Опубликовано: 24 мар. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

RESERVED churchcrm v4.5.3 was discovered to contain a SQL injection vulnerability via the Event parameter at /churchcrm/EventAttendance.php.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2023-24787
https://github.com/ChurchCRM/CRM
https://github.com/arvandy/CVE/blob/main/CVE-2023-24787/CVE-2023-24787.md
https://github.com/arvandy/CVE/blob/main/CVE-2023-24787/CVE-2023-24787.py

8.8 High

CVSS3

CVE ID

CVE-2023-24787

Дефекты

CWE-89

Связанные уязвимости

CVE-2023-24787

nvd

почти 3 года назад

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-24685. Reason: This record is a duplicate of CVE-2023-24685. Notes: All CVE users should reference CVE-2023-24685 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.

8.8 High

CVSS3

CVE ID

CVE-2023-24787

Дефекты

CWE-89