CNNVD-202511-3063 Information

CNNVD ID

CNNVD-202511-3063

Related CVE

CVE-2025-13788

• CNNVD Published: 2025-11-30

Description (Chinese)

Chanjet CRM是中国畅捷通（Chanjet）公司的一个客户关系管理系统。 Chanjet CRM 20251106及之前版本存在SQL注入漏洞，该漏洞源于对文件/tools/upgradeattribute.php中参数gblOrgID的错误操作，可能导致SQL注入。

Description (English)

Chanjet CRM is a customer relationship management system of Chanjet China. Chanjet CRM 20255106 and previous versions had an injection loophole in SQL, which stemmed from an error in the argument gblOrgID in document/tools/upgradeattribute.php, which could lead to SQL injection.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

畅捷通

Published

2025-11-30

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.333792 https://github.com/Bellingham-max/CVE/issues/1 https://vuldb.com/?id.333792 https://vuldb.com/?submit.690084 https://access.redhat.com/security/cve/cve-2025-13788