CVE-2020-37006

Name of the Vulnerable Software and Affected Versions berliCRM version 1.0.24

Description An issue exists where remote attackers can manipulate database queries. This is possible by injecting malicious SQL code through a crafted POST request to the 'index.php' endpoint using the src record parameter, potentially leading to the extraction or modification of database information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.