Unrated severityNVD Advisory· Published May 15, 2022· Updated Aug 4, 2024
CVE-2021-41965
CVE-2021-41965
Description
A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4.5 that allows an authenticated attacker to issue an arbitrary SQL command to the database through the unsanitized EN_tyid, theID and EID fields used when an Edit action on an existing record is being performed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- churchcrm.iomitrex_refsource_MISC
- www.alexbilz.com/post/2022-05-14-cve-2021-41965/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.