Exploit Report

Computer Security And Bug Information


CVE Ordinal Value: 220309
Published Date: 2022-11-23T19:15Z
Modified Date: 2022-11-30T15:52Z
CWE Type: CWE-434
Description: CartView.php in ChurchInfo 1.3.0 allows attackers to achieve remote code execution through insecure uploads. This requires authenticated access to the ChurchInfo application. Once authenticated, a user can add names to their cart and compose an email. Uploading an attachment for the email stores the attachment on the site in the /tmp_attach/ folder, where it can be accessed with a GET request. There are no limitations on the files that can be attached, allowing malicious PHP code to be uploaded and interpreted by the server.
References:
MISC http://www.churchdb.org/
MISC https://github.com/rapid7/metasploit-framework/pull/17257
MISC https://sourceforge.net/projects/churchinfo/files/
