3 matches found
CVE-2023-38773
SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the volopp1 and volopp2 parameters within the /QueryView.php...
CVE-2023-38773
creationtimestamp| type| source ---|---|--- 2023-08-08 20:14:16+00:00| seen| https://t.me/cibsecurity/68006...
CVE-2023-38773
CVE-2023-38773 : ChurchCRM v5.0.0 has a SQL injection in the /QueryView.php endpoint tappable via the volopp1 and volopp2 parameters. The issue allows a remote attacker to retrieve sensitive information. No concrete exploit details in the documents. Practical impact is high according to CVSS note...