Skip to main content

Lingdang Crm

7 CVEs product

Monthly

CVE-2025-8345 LOW Monitor

SQL injection in Lingdang CRM versions up to 8.6.4.7 allows authenticated remote attackers to execute arbitrary SQL queries via the function parameter in the delete_user function of crm/WeiXinApp/yunzhijia/yunzhijiaApi.php. Public exploit code exists, and vendor has released patched version 8.6.5.2 to remediate the vulnerability.

PHP SQLi Lingdang Crm
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-0463 MEDIUM This Month

A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Authentication Bypass PHP Lingdang Crm
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-0462 MEDIUM This Month

A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as critical.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Lingdang Crm
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-0461 MEDIUM This Month

A vulnerability has been found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as problematic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Path Traversal Lingdang Crm
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
1.0%
CVE-2024-11123 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Lingdang Crm
NVD VulDB
CVSS 4.0
5.3
EPSS
1.0%
CVE-2024-11122 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP File Upload Lingdang Crm
NVD VulDB
CVSS 4.0
5.3
EPSS
0.6%
CVE-2024-11121 MEDIUM POC This Month

A vulnerability classified as critical was found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Lingdang Crm
NVD VulDB
CVSS 4.0
5.3
EPSS
0.6%
EPSS 0% CVSS 2.1
LOW Monitor

SQL injection in Lingdang CRM versions up to 8.6.4.7 allows authenticated remote attackers to execute arbitrary SQL queries via the function parameter in the delete_user function of crm/WeiXinApp/yunzhijia/yunzhijiaApi.php. Public exploit code exists, and vendor has released patched version 8.6.5.2 to remediate the vulnerability.

PHP SQLi Lingdang Crm
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Authentication Bypass PHP +1
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as critical.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Lingdang Crm
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability has been found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as problematic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Path Traversal Lingdang Crm
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Lingdang Crm
NVD VulDB
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP File Upload +1
NVD VulDB
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A vulnerability classified as critical was found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Lingdang Crm
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy