5
CVE-2005-2474
- EPSS 1.09%
- Veröffentlicht 05.08.2005 04:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginChurchInfo allows remote attackers to execute obtain sensitive information via the PersonID parameter to (1) PersonView.php, (2) MemberRoleChange.php, (3) PropertyAssign.php, (4) WhyCameEditor.php, (5) GroupPropsEditor.php, (6) Reports/PDFLabel.php, or (7) UserDelete.php, an invalid Number parameter to (8) SelectList.php or (9) SelectDelete.php, GroupID parameter to (10) GroupView.php, (11) GroupMemberList.php, (12) MemberRoleChange.php, (13) GroupDelete.php, (14) /Reports/ClassAttendance.php, or (15) /Reports/GroupReport.php, (16) PropertyID parameter to PropertyEditor.php, FamilyID parameter to (17) Canvas05Editor.php, (18) CanvasEditor.php, or (19) FamilyView.php, or (20) PledgeID parameter to PledgeDetails.php, which reveal the path in an error message.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Churchinfo ≫ Churchinfo Version1.1.1
Churchinfo ≫ Churchinfo Version1.1.2
Churchinfo ≫ Churchinfo Version1.1.3
Churchinfo ≫ Churchinfo Version1.1.4
Churchinfo ≫ Churchinfo Version1.1.5
Churchinfo ≫ Churchinfo Version1.1.6
Churchinfo ≫ Churchinfo Version1.2.0
Churchinfo ≫ Churchinfo Version1.2.1
Churchinfo ≫ Churchinfo Version1.2.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.09% | 0.759 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|