CVE-2025-68111 | ChurchCRM up to 6.5.2 POST Parameter eGive.php ReImport MissingEgive_FamID_ sql injection

A vulnerability classified as critical has been found in ChurchCRM up to 6.5.2. This issue affects the function ReImport of the file eGive.php of the component POST Parameter Handler. Performing manipulation of the argument MissingEgive_FamID_ results in sql injection.

This vulnerability is reported as CVE-2025-68111. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More