https://vulnerability.circl.lu/sightings/feed 2026-06-28T17:39:51.905506+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/4f5abe3d-b47d-4a76-ae0c-b8c554945029/export 2026-06-28T17:39:51.933492+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "4f5abe3d-b47d-4a76-ae0c-b8c554945029", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38763", "type": "seen", "source": "https://t.me/cibsecurity/68003", "content": "\u203c CVE-2023-38763 \u203c\n\nSQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the FundRaiserID parameter within the /FundRaiserEditor.php endpoint.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:13.000000Z"} 2023-08-08T20:14:13+00:00 https://vulnerability.circl.lu/sighting/c307c537-a631-4b54-b7e0-06dc1f713ee0/export 2026-06-28T17:39:51.933400+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "c307c537-a631-4b54-b7e0-06dc1f713ee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38765", "type": "seen", "source": "https://t.me/cibsecurity/68005", "content": "\u203c CVE-2023-38765 \u203c\n\nSQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the membermonth parameter within the /QueryView.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:15.000000Z"} 2023-08-08T20:14:15+00:00 https://vulnerability.circl.lu/sighting/65eb5757-6ed9-48c9-bc85-32a330081821/export 2026-06-28T17:39:51.933307+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "65eb5757-6ed9-48c9-bc85-32a330081821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38762", "type": "seen", "source": "https://t.me/cibsecurity/68009", "content": "\u203c CVE-2023-38762 \u203c\n\nSQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the friendmonths parameter within the /QueryView.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:22.000000Z"} 2023-08-08T20:14:22+00:00 https://vulnerability.circl.lu/sighting/2164131e-2df1-4763-ad17-f851cad3b752/export 2026-06-28T17:39:51.933215+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "2164131e-2df1-4763-ad17-f851cad3b752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38768", "type": "seen", "source": "https://t.me/cibsecurity/68010", "content": "\u203c CVE-2023-38768 \u203c\n\nSQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the PropertyID parameter within the /QueryView.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:23.000000Z"} 2023-08-08T20:14:23+00:00 https://vulnerability.circl.lu/sighting/258c4d8c-c2b8-4087-9a7d-b52698cd0416/export 2026-06-28T17:39:51.933120+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "258c4d8c-c2b8-4087-9a7d-b52698cd0416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38769", "type": "seen", "source": "https://t.me/cibsecurity/68011", "content": "\u203c CVE-2023-38769 \u203c\n\nSQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the searchstring and searchwhat parameters within the /QueryView.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:24.000000Z"} 2023-08-08T20:14:24+00:00 https://vulnerability.circl.lu/sighting/ebd25aad-8ce8-4bc0-95db-a58860a5b0aa/export 2026-06-28T17:39:51.933022+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "ebd25aad-8ce8-4bc0-95db-a58860a5b0aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38764", "type": "seen", "source": "https://t.me/cibsecurity/68013", "content": "\u203c CVE-2023-38764 \u203c\n\nSQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the birthmonth and percls parameters within the /QueryView.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:26.000000Z"} 2023-08-08T20:14:26+00:00 https://vulnerability.circl.lu/sighting/047a182b-f36c-4dc3-9ba9-1ae90b6a8593/export 2026-06-28T17:39:51.932891+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "047a182b-f36c-4dc3-9ba9-1ae90b6a8593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38767", "type": "seen", "source": "https://t.me/cibsecurity/68016", "content": "\u203c CVE-2023-38767 \u203c\n\nSQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the 'value' and 'custom' parameters within the /QueryView.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:29.000000Z"} 2023-08-08T20:14:29+00:00 https://vulnerability.circl.lu/sighting/85549890-3786-4602-a177-aa1da767ac51/export 2026-06-28T17:39:51.932778+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "85549890-3786-4602-a177-aa1da767ac51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38760", "type": "seen", "source": "https://t.me/cibsecurity/68017", "content": "\u203c CVE-2023-38760 \u203c\n\nSQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the role and gender parameters within the /QueryView.php component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:33.000000Z"} 2023-08-08T20:14:33+00:00 https://vulnerability.circl.lu/sighting/29114618-96ce-4d34-bf3e-e9712db78766/export 2026-06-28T17:39:51.932631+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "29114618-96ce-4d34-bf3e-e9712db78766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38766", "type": "seen", "source": "https://t.me/cibsecurity/68018", "content": "\u203c CVE-2023-38766 \u203c\n\nCross Site Scripting (XSS) vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted payload to the PersonView.php component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:34.000000Z"} 2023-08-08T20:14:34+00:00 https://vulnerability.circl.lu/sighting/237fc92c-6f0a-4a4d-bae4-870866ad56d9/export 2026-06-28T17:39:51.928908+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "237fc92c-6f0a-4a4d-bae4-870866ad56d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38761", "type": "seen", "source": "https://t.me/cibsecurity/68020", "content": "\u203c CVE-2023-38761 \u203c\n\nCross Site Scripting (XSS) vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted payload to the systemSettings.php component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:57.000000Z"} 2023-08-08T20:14:57+00:00