🟠 CVE-2026-39319 - High (8.8)

ChurchCRM is an open-source church management system. Prior to 7.1.0, a second order SQL injection vulnerability was found in the endpoint /FundRaiserEditor.php in ChurchCRM. A user has to be authenticated but doesn't need any privileges. These us...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-39319/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack