CVE-2025-14190
Chanjet TPlus is affected by CVE-2025-14190 through a SQL injection in the parameter currentAccId used by the Load path: /tplus/ajaxpro/Ufida.T.SM.UIP.MultiCompanySettingController,Ufida.T.SM.UIP.ashx?method=Load. The flaw, exploitable remotely, stems from the unknown/undocumented functionality a...