CVE-2025-66313 | ChurchCRM up to 6.2.0 1FieldSec sql injection

December 1, 2025 Yanac

A vulnerability described as critical has been identified in ChurchCRM up to 6.2.0. This affects an unknown part. Executing manipulation of the argument 1FieldSec can lead to sql injection.

This vulnerability is registered as CVE-2025-66313. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More

CVE-2025-66403 | error311 FileRise up to 2.2.2 Uploaded SVG File cross site scripting
CVE-2025-65840 | PublicCMS 5.202506.b CkEditorAdminController cross-site request forgery