CVE-2025-8908 | Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5.2.23 event.php openid sql injection

A vulnerability, which was classified as critical, has been found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5.2.23. Affected by this issue is some unknown functionality of the file crm/WeiXinApp/yunzhijia/event.php. The manipulation of the argument openid leads to sql injection.

This vulnerability is handled as CVE-2025-8908. The attack may be launched remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More