| Title | Chanjet CRM V1.0 SQL Injection |
|---|
| Description | A critical SQL injection vulnerability was discovered in Chanjet CRM upgradeattribute.php component. The "gblOrgID" parameter is vulnerable to SQL injection, allowing unauthenticated attackers to execute arbitrary SQL queries on the backend database.
|
|---|
| Source | ⚠️ https://github.com/Bellingham-max/CVE/issues/1 |
|---|
| User | HALA (UID 92379) |
|---|
| Submission | 11/06/2025 15:09 (8 months ago) |
|---|
| Moderation | 11/29/2025 21:25 (23 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 333792 [Chanjet CRM up to 20251106 upgradeattribute.php gblOrgID sql injection] |
|---|
| Points | 18 |
|---|