CNNVD-202507-3403 Information
CNNVD ID
CNNVD-202507-3403
Related CVE
- CNNVD Published: 2025-07-27
Description (Chinese)
Lingdang CRM(灵当CRM)是中国灵当(Lingdang)公司的一个客户关系管理系统。 Lingdang CRM(灵当CRM) 8.6.4.7及之前版本存在注入漏洞,该漏洞源于文件/crm/crmapi/erp/tabdetail_moduleSave_dxkp.php中参数getvaluestring导致SQL注入。
Description (English)
Lingdang CRM is a customer relationship management system for Lingdang, China. Lingdang CRM (Lingdang CRM) 8.6.4.7 et seq. contains an injection loophole that originates from the parameter Getvaluestring in document/crm/crmapi/erp/tabdetail moduleSave dxkp.php leading to the injection of SQL.
Hazard Level
High
Vulnerability Type
注入
Affected Vendor
灵当
Published
2025-07-27
Last Modified
2026-02-24
References
https://vuldb.com/?submit.616140 https://vuldb.com/?ctiid.317807 https://vuldb.com/?id.317807 https://www.notion.so/SQL-Injection-Vulnerability-in-Lingdang-CRM-231ac9e8711e8017ab4ee3bb5f4aab0b?source=copy_link https://access.redhat.com/security/cve/cve-2025-8219 https://nvd.nist.gov/vuln/detail/CVE-2025-8219
Share on: