Filtered by vendor Church Management System Project
Subscribe
Filtered by product Church Management System
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-41661 | 1 Church Management System Project | 1 Church Management System | 2022-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| Church Management System version 1.0 is affected by a SQL anjection vulnerability through creating a user with a PHP file as an avatar image, which is accessible through the /uploads directory. This can lead to RCE on the web server by uploading a PHP webshell. | |||||
| CVE-2021-41643 | 1 Church Management System Project | 1 Church Management System | 2021-11-02 | 7.5 HIGH | 9.8 CRITICAL |
| Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Management System 1.0 via the image upload field. | |||||