CVE Details
Basic Information
| Title | Campcodes Church Management System index.php sql injection |
|---|---|
| Type | cve |
| Published | 2024-04-10T03:00:05.144Z |
| Modified | 2024-08-01T20:12:07.690Z |
Product Information
| Vendor | Campcodes |
|---|---|
| Product | Church Management System |
| Version | 1.0 |
CVSS Information
| Base Score | 7.3 (HIGH) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
AI Analysis
| AI Description | A SQL injection vulnerability in the login system of Campcodes Church Management System version 1.0 allows remote attackers to inject malicious SQL code, potentially leading to unauthorized database access and data manipulation. |
|---|---|
| AI Severity | High |
| AI Vendor | Campcodes |
| AI Product | Church Management System |
| AI Version | 1.0 |
Affected Products
- Campcodes Church Management System 1.0
Additional Information
| CWE List | CWE-89 |
|---|---|
| Source | VulDB |
Description
A vulnerability, which was classified as critical, was found in Campcodes Church Management System 1.0. This affects an unknown part of the file /admin/index.php. The manipulation of the argument password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259905 was assigned to this vulnerability.