Akgul7990

**Name of the Vulnerable Software and Affected Versions** Grav versions prior to 2.0.0-beta.2 **Description** An authenticated user with administrative privileges can achieve Remote Code Execution (RCE) by uploading a specially crafted ZIP file through the "Direct Install" tool. The system fails to inspect the contents of uploaded ZIP archives, allowing a malicious plugin to be extracted and execute arbitrary PHP code or drop a persistent web shell on the server. The issue exists in the handling of the `directInstall` task within the Admin plugin and the Grav Package Manager (GPM) core, specifically within the `Installer::install()` function. The vulnerable endpoint is '/admin/tools/direct-install'. **Recommendations** Update to version 2.0.0-beta.2. As a temporary workaround, restrict access to the '/admin/tools/direct-install' endpoint to only highly trusted administrators and avoid installing plugins from untrusted sources.

Name of the Vulnerable Software and Affected Versions ChurchCRM versions prior to 7.0.0 Description ChurchCRM, an open-source church management system, contains a stored cross-site scripting (XSS) issue in the Person Property Management subsystem. An authenticated user can inject arbitrary JavaScript code through dynamically assigned person properties. The malicious payload is persistently stored and executed when other users view the affected person profile or access the printable view, potentially leading to session hijacking or full account compromise. Recommendations Update to version 7.0.0 or later.