| Title | Chanjet Information Technology Company Limited Chanjet CRM Chanjet CRM SQL Injection |
|---|
| Description | Chanjet Information Technology Co., Ltd.'s CRM system is affected by an SQL injection vulnerability. Attackers can exploit this vulnerability to access database information, leading to the leakage of sensitive data.
Important: Do not include cookies when reproducing the vulnerability.
Tools like Burp Suite or SQLMap should not carry cookies during testing. Use the provided POC directly.
The vulnerability is sensitive to network conditions. Responses may be slow, so retrying with packet capture is recommended.
Ensure the request packet includes two blank lines at the end. |
|---|
| Source | ⚠️ https://github.com/ClausiusFan/CVE/blob/main/CVE_1.md |
|---|
| User | Clausius Fan (UID 85102) |
|---|
| Submission | 05/10/2025 14:09 (11 months ago) |
|---|
| Moderation | 05/24/2025 19:47 (14 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 310240 [Chanjet CRM up to 20250510 gblOrgID sql injection] |
|---|
| Points | 20 |
|---|