CVE-2025-14189

A vulnerability was detected in Chanjet CRM up to 20251121. Affected is an unknown function of the file /tools/jxfdumptabledemo.php. The manipulation of the argument gblOrgID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor w...

PT-2025-49402

Name of the Vulnerable Software and Affected Versions Chanjet CRM versions prior to 20251122 Description A SQL injection issue exists in Chanjet CRM. The issue is related to the manipulation of the gblOrgID parameter within the /tools/jxf dump table demo.php file. This manipulation affects an...

CVE-2025-13788

A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...

EUVD-2025-199930

A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...

CVE-2025-13788

chanjet crm is affected by a SQL injection in /tools/upgradeattribute.php via the gblOrgID parameter. The vulnerability affects Chanjet CRM versions up to 20251106 (pre-51107). Root cause: input manipulation in an unknown function leads to injectable SQL. Impact is high (remote attacker, data exp...

CVE-2025-13788 Chanjet CRM upgradeattribute.php sql injection

A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...

Chanjet CRM 注入漏洞

Chanjet CRM is a customer relationship management system from China's Chanjet company. An injection vulnerability exists in Chanjet CRM version 1.0, which is caused by incorrect manipulation of the parameter gblOrgID in the file /sysconfig/departmentsetting.php, resulting in SQL injection...

Chanjet CRM 注入漏洞

Chanjet CRM is a Customer Relationship Management system from China Changjitong Chanjet. An injection vulnerability exists in Chanjet CRM 20250510 and earlier versions, which originates from SQL injection due to incorrect operation of the parameter gblOrgID in the file...

Yonyou Changjietong UFIDA CRM 安全漏洞

Yonyou Changjietong UFIDA CRM is a customer relationship management system for small and medium-sized enterprises SMEs from China's Yonyou, integrating sales automation and marketing analytics. Yonyou Changjietong UFIDA CRM suffers from a SQL injection vulnerability that originates from the lack ...