CVERadar

CVE-2024-25897

Medium Severity
SVRS: 30/100
CVSSv3: NA/10
EPSS: 0.09458/1

CVE-2024-25897: Blind SQL Injection vulnerability in ChurchCRM 5.5.0. The FRCatalog.php component is susceptible to a time-based injection via the CurrentFundraiser GET parameter, allowing attackers to potentially extract sensitive database information. With an SVRS score of 30, the vulnerability is not critical, but it still poses a risk, especially given that exploits are available and it has been seen 'In The Wild'. Attackers can exploit this vulnerability to gain unauthorized access to the database. Successful exploitation can lead to data breaches, compromising sensitive user information and potentially impacting the integrity and availability of the entire ChurchCRM system. Organizations using ChurchCRM should prioritize patching this vulnerability to mitigate the risk of exploitation. Despite the low SVRS score, the 'Exploit Available' and 'In The Wild' tags suggest that the vulnerability is being actively targeted.

In The Wild
Exploit Available
2024-02-21

2024-08-01

SOCRadar AI Insight

Description:

CVE-2024-25897 is a Blind SQL Injection vulnerability in ChurchCRM 5.5.0 FRCatalog.php, allowing attackers to execute arbitrary SQL queries via the CurrentFundraiser GET parameter. The CVSS score of 9.8 indicates a critical severity, while the SOCRadar Vulnerability Risk Score (SVRS) of 42 highlights the urgency of addressing this threat.

Key Insights:

  • Exploitation in the Wild: Active exploits have been published, indicating that hackers are actively exploiting this vulnerability.
  • High Impact: Blind SQL Injection vulnerabilities can lead to data theft, database manipulation, and website compromise.
  • Widely Used Software: ChurchCRM is a popular church management software, increasing the potential impact of this vulnerability.
  • Threat Actors: Specific threat actors or APT groups exploiting this vulnerability have not been identified.

Mitigation Strategies:

  • Update Software: Install the latest version of ChurchCRM (5.5.1) to patch the vulnerability.
  • Implement Input Validation: Validate user input to prevent malicious SQL queries from being executed.
  • Use a Web Application Firewall (WAF): Configure a WAF to block malicious requests and protect against SQL injection attacks.
  • Monitor for Suspicious Activity: Regularly monitor logs and network traffic for any suspicious activity that may indicate exploitation attempts.

Additional Information:

  • The Cybersecurity and Infrastructure Security Agency (CISA) has not issued a warning for this vulnerability.
  • Users with additional queries can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information.

Indicators of Compromise

No IOCs found for this CVE

Exploits

Title | Software Link | Date
i-100-user/CVE-2024-25897 | https://github.com/i-100-user/CVE-2024-25897 | 2024-08-08

News

CVE-2024-25897 | ChurchCRM 5.5.0 GET Parameter FRCatalog.php CurrentFundraiser sql injection (Issue 6856)
vuldb.com, 2025-03-17
CVE-2024-25897 | ChurchCRM 5.5.0 GET Parameter FRCatalog.php CurrentFundraiser sql injection (Issue 6856) | A vulnerability, which was classified as critical, has been found in ChurchCRM 5.5.0. Affected by this issue is some unknown functionality of the file FRCatalog.php of the component GET Parameter Handler. The manipulation of the argument CurrentFundraiser leads to sql injection. This vulnerability is handled as

Social Media

No tweets found for this CVE

Affected Software

No affected software found for this CVE

References

Reference | Link
[email protected] | https://github.com/ChurchCRM/CRM/issues/6856
GITHUB | https://github.com/ChurchCRM/CRM/issues/6856

CWE Details

CWE ID | CWE Name | Description
CWE-89 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
