| 2025-09-23 |
Asterisk Unsafe Shell Sourcing in safe_asterisk Leads to Local Privilege Escalation |
High |
CVE-2025-1131 |
| 2025-02-19 |
SQL Injection in ChurchCRM CurrentFundraiser Parameter via BatchWinnerEntry.php |
Critical |
CVE-2025-1135 |
| 2025-02-19 |
SQL Injection in ChurchCRM CurrentFundraiser Parameter via DonatedItemEditor.php |
Critical |
CVE-2025-1134 |
| 2025-02-19 |
SQL Injection in ChurchCRM EID Parameter via EditEventAttendees.php |
Critical |
CVE-2025-1133 |
| 2025-02-19 |
SQL Injection in ChurchCRM EN_tyid Parameter via EditEventAttendees.php |
Critical |
CVE-2025-1132 |
| 2025-02-19 |
Session Hijacking via Reflected Cross-Site Scripting (XSS) in ChurchCRM EditEventAttendees.php EID Parameter |
High |
CVE-2025-1024 |
| 2025-02-18 |
SQL Injection in ChurchCRM newCountName Parameter via EditEventTypes.php |
Critical |
CVE-2025-1023 |
| 2025-02-18 |
Session Hijacking via Stored Cross-Site Scripting (XSS) in ChurchCRM GroupEditor.php Description Field |
High |
CVE-2025-0981 |
| 2024-12-04 |
Authenticated HTML Injection in Issuetrak Ticket Comment Function |
High |
CVE-2024-11479 |
| 2024-12-04 |
Unauthorized Modification of Ticket Requester |
High |
CVE-2024-12123 |
