CVE-2024-39304

Published: Jul 26, 2024Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

ChurchCRM is an open-source church management system. Versions of the application prior to 5.9.2 are vulnerable to an authenticated SQL injection due to an improper sanitization of user input. Authentication is required, but no elevated privileges are necessary. This allows attackers to inject SQL statements directly into the database query due to inadequate sanitization of the EID parameter in in a GET request to `/GetText.php`. Version 5.9.2 patches the issue.

Affected (1)

Products: Churchcrm: Churchcrm

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Churchcrm Churchcrm	Before 5.9.2

Related CWEs

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

References (4)

https://github.com/ChurchCRM/CRM/commit/e3bd7bfbf33f01148df0ef1acdb0cf2c2b878b08

Source: security-advisories@github.com

Patch

https://github.com/ChurchCRM/CRM/security/advisories/GHSA-2rh6-gr3h-83j9

Source: security-advisories@github.com

ExploitThird Party Advisory

https://github.com/ChurchCRM/CRM/commit/e3bd7bfbf33f01148df0ef1acdb0cf2c2b878b08

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://github.com/ChurchCRM/CRM/security/advisories/GHSA-2rh6-gr3h-83j9

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.