Source: National Vulnerability Database

CartView.php in ChurchInfo 1.3.0 allows attackers to achieve remote code execution through insecure uploads. This requires authenticated access tot he ChurchInfo application. Once authenticated, a user can add names to their cart, and compose an email.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43258

59 hits since 2022-11-24

PHP Vulns Source Ratio: 16% (8192 total, 670 propagated, 4096 filtered)