Lucene search

K

7 matches found

CVE
CVE
added 2024/11/12 1:15 p.m.37 views

CVE-2024-11121

A vulnerability classified as critical was found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. Affected by this vulnerability is an unknown functionality of the file /crm/WeiXinApp/marketing/index.php?module=Users&action=getActionList. The manipulation of the argument userid leads to sql injection. T...

9.8CVSS6.8AI score0.00067EPSS
Web
CVE
CVE
added 2024/11/12 1:15 p.m.35 views

CVE-2024-11123

A vulnerability, which was classified as problematic, was found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. This affects an unknown part of the file /crm/data/pdf.php. The manipulation of the argument url with the input ../config.inc.php leads to path traversal. It is possible to initiate the attac...

7.5CVSS4.6AI score0.00054EPSS
Web
CVE
CVE
added 2024/11/12 1:15 p.m.34 views

CVE-2024-11122

A vulnerability, which was classified as critical, has been found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. Affected by this issue is some unknown functionality of the file /crm/wechatSession/index.php?msgid=1&operation=upload. The manipulation of the argument file leads to unrestricted upload. T...

9.8CVSS6.3AI score0.001EPSS
Web
CVE
CVE
added 2025/07/27 3:15 a.m.6 views

CVE-2025-8219

A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. It has been rated as critical. This issue affects some unknown processing of the file /crm/crmapi/erp/tabdetail_moduleSave_dxkp.php of the component HTTP POST Request Handler. The manipulation of the a...

9.8CVSS7.1AI score0.00034EPSS
Web
CVE
CVE
added 2025/07/31 3:15 a.m.6 views

CVE-2025-8345

A vulnerability classified as critical was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. Affected by this vulnerability is the function delete_user of the file crm/WeiXinApp/yunzhijia/yunzhijiaApi.php. The manipulation of the argument function leads to sql injection....

9.8CVSS7.7AI score0.00029EPSS
Web
CVE
CVE
added 2025/08/19 2:15 p.m.5 views

CVE-2025-9140

A vulnerability was identified in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. Affected by this issue is some unknown functionality of the file /crm/crmapi/erp/tabdetail_moduleSave.php. The manipulation of the argument getvaluestring leads to sql injection. It is possible to...

8.8CVSS7AI score0.00193EPSS
CVE
CVE
added 2025/08/13 1:15 p.m.4 views

CVE-2025-8908

A vulnerability was determined in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5.4. Affected by this issue is some unknown functionality of the file crm/WeiXinApp/yunzhijia/event.php. The manipulation of the argument openid leads to sql injection. The attack may be launched remot...

9.8CVSS8.5AI score0.00031EPSS