CVE Details
Basic Information
| Title | code-projects Church Donation System add_members.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-07-21T16:02:05.524Z |
| Modified | 2025-07-21T16:02:05.524Z |
Product Information
| Vendor | code-projects |
|---|---|
| Product | Church Donation System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A remote SQL injection vulnerability exists in the Church Donation System 1.0, specifically affecting the mobile argument in add_members.php. This could allow attackers to inject malicious SQL code, potentially leading to data compromise. The vulnerability is considered medium severity due to its impact and the product’s niche usage. |
|---|---|
| AI Severity | Medium |
| AI Vendor | code-projects |
| AI Product | Church Donation System |
| AI Version | 1.0 |
Affected Products
- code-projects Church Donation System 1.0
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /members/add_members.php. The manipulation of the argument mobile leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.