Back to search
CVE-2021-3164
Published: Jan 21, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission in order to upload and execute an arbitrary file via a POST request to resources.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/Little-Ben/ChurchRota
x_refsource_MISC
https://github.com/rmccarth/cve-2021-3164
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now