PT-2025-6846 · Sourcecodester · Sourcecodester Best Church Management
Yesec · Published 2025-02-12 · Updated 2025-02-12 · CVE-2025-1201
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
SourceCodester Best Church Management Software version 1.1
Description
A critical issue affects the processing of the file /admin/app/profile crud.php, leading to SQL injection. The attack may be initiated remotely. Multiple parameters might be affected.
Recommendations
For SourceCodester Best Church Management Software version 1.1, consider restricting access to the /admin/app/profile crud.php file until a patch is available. As a temporary workaround, avoid using parameters that may be affected by the SQL injection issue in the /admin/app/profile crud.php file. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Special Elements Injection
SQL injection
Related Identifiers
Affected Products
Sourcecodester Best Church Management