code-projects Church Donation System HTTP POST Request index.php sql injection

July 25, 2025 invoker category_cve

CVE Details

Basic Information

Title code-projects Church Donation System HTTP POST Request index.php sql injection
Type cve
Published 2025-07-25T19:02:05.109Z
Modified 2025-07-25T19:02:05.109Z

Product Information

Vendor code-projects
Product Church Donation System
Version 1.0

CVSS Information

Base Score 6.9 (MEDIUM)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Affected Products

  • code-projects Church Donation System 1.0

Additional Information

CWE List CWE-89, CWE-74
Source VulDB

Description

A vulnerability was found in code-projects Church Donation System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/index.php of the component HTTP POST Request Handler. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.