Church Management System Project Church Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Church Management System Project Church Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2021-41661 — CVSS 9.8 (critical): Church Management System version 1.0 is affected by a SQL anjection vulnerability through creating a user with a PHP file as an avatar…
CVE-2021-41643 — CVSS 9.8 (critical): Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Management System 1.0 via the image upload field.
CVE-2022-38595 — CVSS 7.2 (high): Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_user.php.
CVE-2022-38605 — CVSS 7.2 (high): Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_event.php.
CVE-2022-41406 — CVSS 7.2 (high): An arbitrary file upload vulnerability in the /admin/admin_pic.php component of Church Management System v1.0 allows attackers to execute…
CVE-2022-45328 — CVSS 7.2 (high): Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_members.php.
CVE-2022-38594 — CVSS 7.2 (high): Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_visitor.php.
CVE-2022-2680 — CVSS 6.3 (medium): A vulnerability classified as critical has been found in SourceCodester Church Management System 1.0. Affected is an unknown function of…