CVE-2020-37006
EUVD-2020-3091729.01.2026, 15:16
berliCRM 1.0.24 contains a SQL injection vulnerability in the 'src_record' parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through a crafted POST request to the index.php endpoint to potentially extract or modify database information.
Awaiting analysis
This vulnerability is currently awaiting analysis.