mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
89 lines
3.5 KiB
JSON
89 lines
3.5 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2025-1023",
|
|
"ASSIGNER": "ict.security@gridware.com.au",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability exists in ChurchCRM\u00a05.13.0 and prior\u00a0that allows an attacker to execute arbitrary SQL queries by exploiting a time-based blind SQL Injection\u00a0vulnerability in the EditEventTypes\u00a0functionality. The newCountName\u00a0parameter is directly concatenated into an SQL query without proper sanitization, allowing an attacker to manipulate database queries and execute arbitrary commands, potentially leading to data exfiltration, modification, or deletion."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
|
|
"cweId": "CWE-89"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "ChurchCRM",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "ChurchCRM",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "ChurchCRM 5.13.0 and prior"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://github.com/ChurchCRM/CRM/issues/7246",
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/ChurchCRM/CRM/issues/7246"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.2.0"
|
|
},
|
|
"source": {
|
|
"discovery": "UNKNOWN"
|
|
},
|
|
"solution": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "<p>To prevent SQL injection, use prepared statements with parameterised queries. Additionally, implement input validation to reject dangerous characters, apply the principle of least privilege to database users to minimise potential damage, and assign appropriate data types in PHP, such as converting newCountName to an integer if it represents a numeric value.</p>"
|
|
}
|
|
],
|
|
"value": "To prevent SQL injection, use prepared statements with parameterised queries. Additionally, implement input validation to reject dangerous characters, apply the principle of least privilege to database users to minimise potential damage, and assign appropriate data types in PHP, such as converting newCountName to an integer if it represents a numeric value."
|
|
}
|
|
],
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Michael McInerney"
|
|
}
|
|
]
|
|
} |