21Şub
CVE-2024-25893 | ChurchCRM 5.5.0 GET Parameter FRCertificates.php CurrentFundraiser sql injection
A vulnerability was found in ChurchCRM 5.5.0. It has been classified as critical. Affected is an unknown function of the file FRCertificates.php of the component GET Parameter Handler. The manipulation of the argument CurrentFundraiser leads to sql injection. This vulnerability is traded as CVE-2024-25893. The attack needs to be approached within the local network. There is no exploit available.