CVE-2021-43258

Published: Nov 23, 2022

Modified: Apr 28, 2025

PUBLISHED

Description

CartView.php in ChurchInfo 1.3.0 allows attackers to achieve remote code execution through insecure uploads. This requires authenticated access tot he ChurchInfo application. Once authenticated, a user can add names to their cart, and compose an email. Uploading an attachment for the email stores the attachment on the site in the /tmp_attach/ folder where it can be accessed with a GET request. There are no limitations on files that can be attached, allowing for malicious PHP code to be uploaded and interpreted by the server.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.churchdb.org/

https://sourceforge.net/projects/churchinfo/files/

https://github.com/rapid7/metasploit-framework/pull/17257

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-43258

Description

Affected Products

References