CVE-2017-14845: SQL Injection
First published: Thu Sep 28 2017(Updated: )
Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Church Management System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-14845?
CVE-2017-14845 is classified as a high severity vulnerability due to its potential for SQL Injection attacks.
How do I fix CVE-2017-14845?
To fix CVE-2017-14845, it is recommended to update the WPCHUR Church Management System plugin to the latest version that addresses the vulnerability.
What systems are affected by CVE-2017-14845?
CVE-2017-14845 affects the WPCHUR Church Management System plugin for WordPress, specifically versions before the patch.
What type of attack does CVE-2017-14845 enable?
CVE-2017-14845 enables SQL Injection attacks via unsanitized input in the 'id' parameter, allowing unauthorized access to the database.
What should I do if I am compromised by CVE-2017-14845?
If compromised by CVE-2017-14845, immediate steps should include removing the vulnerable plugin, securing your database, and assessing for any data breaches.
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/tags
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- agent/author
- agent/event
- vendor/dasinfomedia
- canonical/church management system