CVE-2021-41746

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
5
MEDIUM
Affected
1
PROJECT

Description

SQL Injection vulnerability exists in all versions of Yonyou TurboCRM.via the orgcode parameter in changepswd.php. Attackers can use the vulnerabilities to obtain sensitive database information.

purple-WL/Yonyou-TurboCRM-SQL-injection
purple-WL/Yonyou-TurboCRM-SQL-injectionUNAVAILABLE
GitHubGitHub