Lucene search

4 matches found

EUVD
added 2026/05/13 8:58 p.m. | 12 views

EUVD-2026-30169

EcclesiaCRM is CRM Software for church management. In 8.0.0 and earlier, the ValidateInput function's default case in EcclesiaCRM's query view passes user-supplied POST parameters directly into SQL queries via str_replace without any sanitization, enabling SQL injection through query parameters th...

9.8 CVSS | 5.9 AI score | 0.0035 EPSS
Exploits 1 | References 2
Positive Technologies
added 2026/05/13 12:0 a.m. | 19 views

PT-2026-40810

EcclesiaCRM is CRM Software for church management. In 8.0.0 and earlier, the ValidateInput function's default case in EcclesiaCRM's query view passes user-supplied POST parameters directly into SQL queries via str_replace without any sanitization, enabling SQL injection through query parameters...

8.7 CVSS | 5.9 AI score | 0.00285 EPSS
Exploits 0 | References 3
Circl
added 2026/04/06 9:21 p.m. | 4 views

CVE-2026-35184

creationtimestamp | type | source
---|---|---
2026-04-06 21:21:26+00:00 | published-proof-of-concept | Telegram/xKxKUYX0BRejEqYlrURXsjCQY9BctYcoeewNmSMWqY7riM
2026-05-14 00:28:21+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mlrkq7mely2i...

9.8 CVSS | 5.7 AI score | 0.0035 EPSS
Exploits 1 | References 1
ATTACKERKB
added 2026/04/06 7:21 p.m. | 2 views

CVE-2026-35184

EcclesiaCRM is CRM Software for church management. Prior to 8.0.0, there is a SQL injection vulnerability in v2/templates/query/queryview.php via the custom and value parameters. This vulnerability is fixed in 8.0.0...

8.7 CVSS | 5.9 AI score | 0.0035 EPSS
Exploits 1 | References 5 | Affected Software 1