Submit #617844: Shanghai Lingdang Information Technology Co., Ltd Ling Dang CRM <= V8.6.5.2.23 SQL Injectioninfo

TitleShanghai Lingdang Information Technology Co., Ltd Ling Dang CRM <= V8.6.5.2.23 SQL Injection
DescriptionIn versions of LingDang CRM earlier than 8.6.5.2.23, a vulnerability classified as severe has been discovered. This affects an unknown part of the file yunzhijiaApi.php. Manipulating the parameter user_list leads to SQL injection.
Source⚠️ https://github.com/jackyliu666/blob01/blob/main/README.md
User
 paatiw (UID 32385)
Submission07/17/2025 20:41 (9 months ago)
Moderation07/30/2025 11:54 (13 days later)
StatusAccepted
VulDB entry318295 [Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7 yunzhijiaApi.php delete_user function sql injection]
Points17

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!