Known Vulnerabilities for products from ChurchCRM

Listed below are 20 of the newest known vulnerabilities associated with the vendor "ChurchCRM".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2026-39344 json		Not Provided	2026-04-07	2026-04-07
CVE-2026-39343 json		Not Provided	2026-04-07	2026-04-07
CVE-2026-39342 json		Not Provided	2026-04-07	2026-04-07
CVE-2026-39341 json		Not Provided	2026-04-07	2026-04-07
CVE-2026-39340 json		Not Provided	2026-04-07	2026-04-07
CVE-2026-39339 json		Not Provided	2026-04-07	2026-04-07
CVE-2026-39338 json		Not Provided	2026-04-07	2026-04-07
CVE-2026-39337 json		Not Provided	2026-04-07	2026-04-07
CVE-2026-39336 json		Not Provided	2026-04-07	2026-04-07
CVE-2026-39335 json		Not Provided	2026-04-07	2026-04-07
CVE-2023-38773 json	SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the volopp1 and...	7.5 - HIGH	2023-08-08	2023-08-09
CVE-2023-38771 json	SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the volopp para...	7.5 - HIGH	2023-08-08	2023-08-09
CVE-2023-38770 json	SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the group param...	7.5 - HIGH	2023-08-08	2023-08-09
CVE-2023-38769 json	SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the searchstrin...	7.5 - HIGH	2023-08-08	2023-08-09
CVE-2023-38768 json	SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the PropertyID ...	7.5 - HIGH	2023-08-08	2023-08-09
CVE-2023-38767 json	SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the 'value' and...	7.5 - HIGH	2023-08-08	2023-08-09
CVE-2023-38766 json	Cross Site Scripting (XSS) vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to execute arbitrary code via a crafte...	5.4 - MEDIUM	2023-08-08	2023-08-09
CVE-2023-38765 json	SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the membermonth...	7.5 - HIGH	2023-08-08	2023-08-09
CVE-2023-38764 json	SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the birthmonth ...	7.5 - HIGH	2023-08-08	2023-08-09
CVE-2023-38763 json	SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the FundRaiserI...	6.5 - MEDIUM	2023-08-08	2023-08-09

Results limited to 20 most recent vulnerabilities