| Title | Source Codester Best church management software 1.1 SQL Injection |
|---|
| Description | A vulnerability has been found in SourceCodester Best church management software 1.1 and classified as critical. SourceCodester Best church management software 1.1 has a SQL Injection vulnerability in `/admin/app/profile_crud.php`. Affected is file `/admin/app/profile_crud.php`,The manipulation of the argument `username` leads to SQL injection. Remote attackers can leverage time-based blind SQL injection to extract data from the database. |
|---|
| Source | ⚠️ https://github.com/Yesec/Best-church-management-software/blob/main/profile_crud.php_SQLi.md |
|---|
| User | YeSec (UID 50956) |
|---|
| Submission | 02/08/2025 11:10 (1 Year ago) |
|---|
| Moderation | 02/10/2025 17:04 (2 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 295109 [SourceCodester Best Church Management Software 1.1 profile_crud.php sql injection] |
|---|
| Points | 20 |
|---|