6.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
28.5%
SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the FundRaiserID parameter within the /FundRaiserEditor.php endpoint.
churchcrm.io/
demo.churchcrm.io/master
github.com/0x72303074/CVE-Disclosures
github.com/ChurchCRM/CRM/wiki