SQL Injection Vulnerability in ChurchCRM 4.4.5 via 'PersonID' Field in /churchcrm/WhyCameEditor.php

SQL Injection Vulnerability in ChurchCRM 4.4.5 via 'PersonID' Field in /churchcrm/WhyCameEditor.php

CVE-2022-31325 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

There is a SQL Injection vulnerability in ChurchCRM 4.4.5 via the 'PersonID' field in /churchcrm/WhyCameEditor.php.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.