This script is a PoC for CVE-2024-39304, where a SQLi is possible due to a lack of sanitization in the ChurchCRM project.
python3 CVE-2024-39304.py -u <USERNAME> -p <PASSWORD> -b <URL> -v
Example: python3 CVE-2024-39304.py -u FirstLast -p Password123 -b http://localhost/churchcrm -v