ChurchCRM SQL注入漏洞
ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM versions 2.0.0 through 4.4.5. An attacker exploits the vulnerability to issue arbitrary SQL commands to the database by using unprocessed ENtyid, ID, and EID fields...