Vulnerabilities > Churchcrm > Churchcrm > 5.0.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-08 | CVE-2023-38770 | SQL Injection vulnerability in Churchcrm 5.0.0 SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the group parameter within the /QueryView.php. | 7.5 |
2023-08-08 | CVE-2023-38771 | SQL Injection vulnerability in Churchcrm 5.0.0 SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the volopp parameter within the /QueryView.php. | 7.5 |
2023-08-08 | CVE-2023-38773 | SQL Injection vulnerability in Churchcrm 5.0.0 SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the volopp1 and volopp2 parameters within the /QueryView.php. | 7.5 |