# Exploit Title: ChurchCRM 4.5.3 - Authenticated SQL Injection# Date: 27-04-2023# Exploit Author: Iyaad Luqman K# Software Link: https://github.com/ChurchCRM/CRM/releases# Vendor Homepage: http://churchcrm.io/# Version: 4.5.3# Tested on: Windows, Linux# CVE: CVE-2023-24685ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the Event parameter under the Event Attendance reports module.- After Logging in, go