Vulnerabilities > Church Management System Project > High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-30	CVE-2022-45328	SQL Injection vulnerability in Church Management System Project Church Management System 1.0 Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_members.php. network low complexity church-management-system-project CWE-89	7.2
2022-10-12	CVE-2022-41406	Unrestricted Upload of File with Dangerous Type vulnerability in Church Management System Project Church Management System 1.0 An arbitrary file upload vulnerability in the /admin/admin_pic.php component of Church Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. network low complexity church-management-system-project CWE-434	7.2
2022-09-15	CVE-2022-38594	SQL Injection vulnerability in Church Management System Project Church Management System 1.0 Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_visitor.php. network low complexity church-management-system-project CWE-89	7.2
2022-09-15	CVE-2022-38595	SQL Injection vulnerability in Church Management System Project Church Management System 1.0 Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_user.php. network low complexity church-management-system-project CWE-89	7.2
2022-09-12	CVE-2022-38605	SQL Injection vulnerability in Church Management System Project Church Management System 1.0 Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_event.php. network low complexity church-management-system-project CWE-89	7.2
2022-08-05	CVE-2022-2680	Unspecified vulnerability in Church Management System Project Church Management System 1.0 A vulnerability classified as critical has been found in SourceCodester Church Management System 1.0. network low complexity church-management-system-project	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.