CVE-2022-31325

Published June 8th, 2022

View on NVD ↗

CVSS v3

7.2

HIGH

CVSS v2

6.5

MEDIUM

Affected

2

PROJECTS

Description

There is a SQL Injection vulnerability in ChurchCRM 4.4.5 via the 'PersonID' field in /churchcrm/WhyCameEditor.php.

ChurchCRM - A free and open-source Church Management Software (ChMS) to help churches manage their membership data, groups, events, and finances.

GitHub

890

nu11secur1ty/CVE-mitre

https://cve.mitre.org/

GitHub

173