2 matches found
CVE-2025-68111 ChurchCRM has SQL Injection in eGive Import Feature
ChurchCRM is an open-source church management system. In versions prior to 6.5.3, a SQL injection vulnerability exists in the eGive.php file within the "ReImport" functionality. An authenticated user with finance privileges can execute arbitrary SQL queries by manipulating the MissingEgiveFamID...
ChurchCRM SQL注入漏洞
ChurchCRM is an open source church management system. ChurchCRM suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the MissingEgiveFamID parameter in the eGive.php file. No detailed vulnerability details are provided at this...