SQL Injection in Imaster Mems Events Crm

CVE-2025-41006

Imaster's MEMS Events CRM contains an SQL injection vulnerability in ‘phone’ parameter in ‘/memsdemo/login.php’.

Vulnerability class: SQL Injection

EPSS: 0.003 (22.3th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References