Lucene search
K

47 matches found

RedhatCVE
RedhatCVE
added 2026/06/08 8:58 a.m.13 views

CVE-2026-11456

A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxfdumpsystable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly availab...

7.5CVSS7AI score0.0026EPSS
Exploits0References1
NVD
NVD
added 2026/06/07 9:16 a.m.16 views

CVE-2026-11456

A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxfdumpsystable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly availab...

7.5CVSS0.0026EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/07 7:15 a.m.13 views

EUVD-2026-34986

A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxfdumpsystable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly availab...

7.5CVSS7AI score0.0026EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/07 7:15 a.m.9 views

CVE-2026-11456

A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxfdumpsystable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly availab...

7.5CVSS7AI score0.0026EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/07 7:15 a.m.9 views

CVE-2026-11456 Chanjet CRM HTTP GET Request jxf_dump_systable.php sql injection

A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxfdumpsystable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly availab...

7.5CVSS7AI score0.0026EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/07 12:0 a.m.11 views

Chanjet CRM SQL注入漏洞

Chanjet CRM is a customer relationship management system developed by Chanjet Corporation. Version 1.0 of Chanjet CRM has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter gblOrgID in the HTTP GET Request Handler component...

7.5CVSS7.5AI score0.0026EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/07 12:0 a.m.16 views

PT-2026-47178

A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxf dump systable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly...

7.5CVSS7AI score0.0026EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/12/08 1:11 p.m.15 views

CVE-2025-14189

A vulnerability was detected in Chanjet CRM up to 20251121. Affected is an unknown function of the file /tools/jxfdumptabledemo.php. The manipulation of the argument gblOrgID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor w...

7.5CVSS6.8AI score0.00264EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/07 12:30 p.m.5 views

EUVD-2025-201600

A vulnerability was detected in Chanjet CRM up to 20251121. Affected is an unknown function of the file /tools/jxfdumptabledemo.php. The manipulation of the argument gblOrgID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor w...

7.5CVSS6.2AI score0.00264EPSS
Exploits0References6
NVD
NVD
added 2025/12/07 12:15 p.m.6 views

CVE-2025-14189

A vulnerability was detected in Chanjet CRM up to 20251121. Affected is an unknown function of the file /tools/jxfdumptabledemo.php. The manipulation of the argument gblOrgID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor w...

7.5CVSS0.00264EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/12/07 11:32 a.m.2 views

CVE-2025-14189 Chanjet CRM jxf_dump_table_demo.php sql injection

A vulnerability was detected in Chanjet CRM up to 20251121. Affected is an unknown function of the file /tools/jxfdumptabledemo.php. The manipulation of the argument gblOrgID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor w...

7.5CVSS6.4AI score0.00264EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/07 11:32 a.m.18 views

CVE-2025-14189 Chanjet CRM jxf_dump_table_demo.php sql injection

A vulnerability was detected in Chanjet CRM up to 20251121. Affected is an unknown function of the file /tools/jxfdumptabledemo.php. The manipulation of the argument gblOrgID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor w...

7.5CVSS0.00264EPSS
Exploits0References5
CVE
CVE
added 2025/12/07 11:32 a.m.14 views

CVE-2025-14189

CVE-2025-14189 affects Chanjet CRM up to 20251121 (and prior versions). The vulnerability is a SQL injection in an unknown function of the file /tools/jxf_dump_table_demo.php caused by improper handling of the gblOrgID parameter. It can be exploited remotely and public exploit code exists. Affect...

7.5CVSS6.4AI score0.00264EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/12/04 6:17 p.m.14 views

CVE-2025-13788

A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...

9.8CVSS7AI score0.00351EPSS
Exploits1References1
OSV
OSV
added 2025/11/30 1:15 p.m.8 views

CVE-2025-13788

A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...

9.8CVSS5.6AI score
Exploits0References4
NVD
NVD
added 2025/11/30 1:15 p.m.7 views

CVE-2025-13788

A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...

9.8CVSS0.00351EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/11/30 12:32 p.m.16 views

CVE-2025-13788 Chanjet CRM upgradeattribute.php sql injection

A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...

7.5CVSS0.00351EPSS
Exploits1References4
CVE
CVE
added 2025/11/30 12:32 p.m.19 views

CVE-2025-13788

chanjet crm is affected by a SQL injection in /tools/upgradeattribute.php via the gblOrgID parameter. The vulnerability affects Chanjet CRM versions up to 20251106 (pre-51107). Root cause: input manipulation in an unknown function leads to injectable SQL. Impact is high (remote attacker, data exp...

9.8CVSS6.6AI score0.00351EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/11/30 12:0 a.m.3 views

Chanjet CRM SQL注入漏洞

Chanjet CRM is a Customer Relationship Management system from China's Chanjet. A SQL injection vulnerability exists in Chanjet CRM 20251106 and earlier versions, which stems from incorrect manipulation of the parameter gblOrgID in the file /tools/upgradeattribute.php, which could lead to SQL...

9.8CVSS7.8AI score0.00351EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/11/30 12:0 a.m.11 views

PT-2025-48390

Name of the Vulnerable Software and Affected Versions Chanjet CRM versions prior to 20251107 Description A flaw exists in Chanjet CRM that allows for SQL injection. The issue is located in the /tools/upgradeattribute.php file, specifically within an unknown function. Manipulation of the gblOrgID...

9.8CVSS7.4AI score0.00351EPSS
Exploits1References11
Rows per page
Query Builder