← voltar
CVE-2021-41965

CVE-2021-41965

EPSS 1.1%
A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4.5 that allows an authenticated attacker to issue an arbitrary SQL command to the database through the unsanitized EN_tyid, theID and EID fields used when an Edit action on an existing record is being performed.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://churchcrm.io/https://www.alexbilz.com/post/2022-05-14-cve-2021-41965/