47 matches found
CVE-2026-11456
A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxfdumpsystable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly availab...
CVE-2026-11456
A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxfdumpsystable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly availab...
EUVD-2026-34986
A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxfdumpsystable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly availab...
CVE-2026-11456
A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxfdumpsystable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly availab...
CVE-2026-11456 Chanjet CRM HTTP GET Request jxf_dump_systable.php sql injection
A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxfdumpsystable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly availab...
Chanjet CRM SQL注入漏洞
Chanjet CRM is a customer relationship management system developed by Chanjet Corporation. Version 1.0 of Chanjet CRM has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter gblOrgID in the HTTP GET Request Handler component...
PT-2026-47178
A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxf dump systable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly...
CVE-2025-14189
A vulnerability was detected in Chanjet CRM up to 20251121. Affected is an unknown function of the file /tools/jxfdumptabledemo.php. The manipulation of the argument gblOrgID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor w...
EUVD-2025-201600
A vulnerability was detected in Chanjet CRM up to 20251121. Affected is an unknown function of the file /tools/jxfdumptabledemo.php. The manipulation of the argument gblOrgID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor w...
CVE-2025-14189
A vulnerability was detected in Chanjet CRM up to 20251121. Affected is an unknown function of the file /tools/jxfdumptabledemo.php. The manipulation of the argument gblOrgID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor w...
CVE-2025-14189 Chanjet CRM jxf_dump_table_demo.php sql injection
A vulnerability was detected in Chanjet CRM up to 20251121. Affected is an unknown function of the file /tools/jxfdumptabledemo.php. The manipulation of the argument gblOrgID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor w...
CVE-2025-14189 Chanjet CRM jxf_dump_table_demo.php sql injection
A vulnerability was detected in Chanjet CRM up to 20251121. Affected is an unknown function of the file /tools/jxfdumptabledemo.php. The manipulation of the argument gblOrgID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor w...
CVE-2025-14189
CVE-2025-14189 affects Chanjet CRM up to 20251121 (and prior versions). The vulnerability is a SQL injection in an unknown function of the file /tools/jxf_dump_table_demo.php caused by improper handling of the gblOrgID parameter. It can be exploited remotely and public exploit code exists. Affect...
CVE-2025-13788
A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...
CVE-2025-13788
A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...
CVE-2025-13788
A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...
CVE-2025-13788 Chanjet CRM upgradeattribute.php sql injection
A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...
CVE-2025-13788
chanjet crm is affected by a SQL injection in /tools/upgradeattribute.php via the gblOrgID parameter. The vulnerability affects Chanjet CRM versions up to 20251106 (pre-51107). Root cause: input manipulation in an unknown function leads to injectable SQL. Impact is high (remote attacker, data exp...
Chanjet CRM SQL注入漏洞
Chanjet CRM is a Customer Relationship Management system from China's Chanjet. A SQL injection vulnerability exists in Chanjet CRM 20251106 and earlier versions, which stems from incorrect manipulation of the parameter gblOrgID in the file /tools/upgradeattribute.php, which could lead to SQL...
PT-2025-48390
Name of the Vulnerable Software and Affected Versions Chanjet CRM versions prior to 20251107 Description A flaw exists in Chanjet CRM that allows for SQL injection. The issue is located in the /tools/upgradeattribute.php file, specifically within an unknown function. Manipulation of the gblOrgID...