CVE-2025-1133 | ChurchCRM up to 5.13.0 EditEventAttendees EID sql injection

Inserito da Angelo Barbosa | Feb 19, 2025 | CVE

A vulnerability classified as critical was found in ChurchCRM up to 5.13.0. This vulnerability affects the function EditEventAttendees. The manipulation of the argument EID leads to sql injection.

This vulnerability was named CVE-2025-1133. The attack can be initiated remotely. There is no exploit available.

CVE-2025-1133 | ChurchCRM up to 5.13.0 EditEventAttendees EID sql injection

Post correlati

CVE-2025-6374 | D-Link DIR-619L 2.06B01 /goform/formSetACLFilter curTime stack-based overflow

CVE-2024-4528 | SourceCodester Prison Management System 1.0 /Admin/user-record.php txtfullname cross site scripting

CVE-2024-1235 | Livemesh Elementor Addons Plugin up to 8.3.2 on WordPress cross site scripting

CVE-2025-5675 | Campcodes Online Teacher Record Management System 1.0 bwdates-reports-details.php fromdate/todate sql injection