Ecclesia Crm

1 CVEs product

CVE-2026-6628 MEDIUM POC This Month

SQL injection in phili67 Ecclesia CRM up to version 8.0.0 allows authenticated remote attackers to execute arbitrary SQL queries via the 'custom' parameter in the Query Viewer Component (/v2/query/view/). The vulnerability has a publicly available exploit and affects confidentiality, integrity, and availability of database operations. The vendor has not responded to early disclosure notification.

SQLi Ecclesia Crm
NVD VulDB GitHub
CVSS 4.0: 5.3
EPSS: 0.0%
