CVE-2025-13788 | Chanjet CRM up to 20251106 upgradeattribute.php gblOrgID sql injection

A vulnerability has been found in Chanjet CRM up to 20251106 and classified as critical. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection.

This vulnerability is documented as CVE-2025-13788. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More