CVE-2026-58409: CWE-434: Unrestricted Upload of File with Dangerous Type in ChurchCRM CRM
ChurchCRM versions prior to 7.4.0 contain a critical vulnerability allowing authenticated administrators to achieve remote code execution by installing malicious plugin ZIP archives containing PHP…
Read the full article3d agoen
You might also wanna read
CVE-2026-58411: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ChurchCRM CRM
radar.offseq.com·3d ago
CVE-2026-58410: CWE-639: Authorization Bypass Through User-Controlled Key in ChurchCRM CRM
radar.offseq.com·3d ago
CVE-2026-58408: CWE-862: Missing Authorization in ChurchCRM CRM
radar.offseq.com·3d ago
CVE-2026-22104: CWE-639 Authorization bypass through User-Controlled key in hashtopolis server
radar.offseq.com·4m ago
Windows Server 2022 reach end of mainstream support in 90 days
radar.offseq.com·35m ago
Cyberattack Disrupts Operations of Japanese Frozen Food Giant Nichirei
radar.offseq.com·35m ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.