2 matches found
CVE-2023-38771
SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the volopp parameter within the /QueryView.php...
CVE-2023-38771
ChurchCRM v5.0.0 is affected by an SQL injection via the volopp parameter in /QueryView.php. Root cause: improper handling of user input in that endpoint leads to database query manipulation. Impact per the records includes exposure of sensitive information to remote attackers; exploitation detai...