VYPR
Critical severity9.8NVD Advisory· Published Apr 6, 2026· Updated Apr 16, 2026

CVE-2026-35184

CVE-2026-35184

Description

EcclesiaCRM is CRM Software for church management. Prior to 8.0.0, there is a SQL injection vulnerability in v2/templates/query/queryview.php via the custom and value parameters. This vulnerability is fixed in 8.0.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:ecclesiacrm:ecclesiacrm:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ecclesiacrm:ecclesiacrm:*:*:*:*:*:*:*:*range: <8.0.0
    • (no CPE)range: <8.0.0

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.