| Título | Chanjet CRM V1.0 SQL Injection |
|---|
| Descripción | A critical SQL injection vulnerability was discovered in Chanjet CRM upgradeattribute.php component. The "gblOrgID" parameter is vulnerable to SQL injection, allowing unauthenticated attackers to execute arbitrary SQL queries on the backend database.
|
|---|
| Fuente | ⚠️ https://github.com/Bellingham-max/CVE/issues/1 |
|---|
| Usuario | HALA (UID 92379) |
|---|
| Sumisión | 2025-11-06 15:09 (hace 8 meses) |
|---|
| Moderación | 2025-11-29 21:25 (23 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 333792 [Chanjet CRM hasta 20251106 upgradeattribute.php gblOrgID inyección SQL] |
|---|
| Puntos | 18 |
|---|