CNNVD-202507-2471 Information
Jul 18, 2025
cve
CNNVD ID
CNNVD-202507-2471
Related CVE
- CNNVD Published: 2025-07-18
Description (Chinese)
BossSoft CRM是中国博思软件(BossSoft)公司的一款客户关系管理软件。 BossSoft CRM 6.0版本存在注入漏洞,该漏洞源于对文件/crm/module/HNDCBas_customPrmSearchDtl.jsp中参数cstid的错误操作导致SQL注入。
Description (English)
BossSoft CRM is a customer relationship management software for BossSoft in China. There is an injection loophole in BossSoft CRM version 6.0, which results from an error in the application of the parameter cstid in document/crm/module/HNDCBAS customPrmSearchDtl.jsp.
Hazard Level
Medium
Vulnerability Type
注入
Affected Vendor
博思软件
Published
2025-07-18
Last Modified
2026-02-24
References
https://github.com/cc2024k/CVE/issues/1 https://vuldb.com/?ctiid.316867 https://vuldb.com/?id.316867 https://vuldb.com/?submit.616840 https://access.redhat.com/security/cve/cve-2025-7801
Share on: