A vulnerability has been found in phili67 ecclesiacrm up to 8.0.0 and classified as critical . Affected by this issue is the function ValidateInput of the component Query Parameter Handler . This manipulation causes sql injection. This vulnerability appears as CVE-2026-44418 . The attack may be initiated remotely. There is no available exploit. It is suggested to install a patch to address this issue.