7.5
CVE-2005-2473
- EPSS 2.12%
- Veröffentlicht 05.08.2005 04:00:00
- Zuletzt bearbeitet 16.04.2026 00:27:16
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple SQL injection vulnerabilities in ChurchInfo allow remote attackers to execute arbitrary SQL commands via the PersonID parameter to (1) PersonView.php, (2) MemberRoleChange.php, (3) PropertyAssign.php, (4) WhyCameEditor.php, (5) GroupPropsEditor.php, (6) Reports/PDFLabel.php, or (7) UserDelete.php, (8) DepositSlipID parameter to DepositSlipEditor.php, (9) QueryID parameter to QueryView.php, GroupID parameter to (10) GroupView.php, (11) GroupMemberList.php, (12) MemberRoleChange.php, (13) GroupDelete.php, (14) /Reports/ClassAttendance.php, or (15) /Reports/GroupReport.php, (16) PropertyID parameter to PropertyEditor.php, FamilyID parameter to (17) Canvas05Editor.php, (18) CanvasEditor.php, or (19) FamilyView.php, or (20) PledgeID parameter to PledgeDetails.php.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Churchinfo ≫ Churchinfo Version1.1.1
Churchinfo ≫ Churchinfo Version1.1.2
Churchinfo ≫ Churchinfo Version1.1.3
Churchinfo ≫ Churchinfo Version1.1.4
Churchinfo ≫ Churchinfo Version1.1.5
Churchinfo ≫ Churchinfo Version1.1.6
Churchinfo ≫ Churchinfo Version1.2.0
Churchinfo ≫ Churchinfo Version1.2.1
Churchinfo ≫ Churchinfo Version1.2.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.12% | 0.825 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|