CVE-2023-38765
Published
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
2
PROJECTS
Description
SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the membermonth parameter within the /QueryView.php.
ChurchCRM - A free and open-source Church Management Software (ChMS) to help churches manage their membership data, groups, events, and finances.
GitHubGitHub