Unrated severityNVD Advisory· Published Oct 29, 2021· Updated Aug 4, 2024

CVE-2021-41746

Description

SQL Injection vulnerability exists in all versions of Yonyou TurboCRM.via the orgcode parameter in changepswd.php. Attackers can use the vulnerabilities to obtain sensitive database information.

Affected products

Yonyou/TurboCRMllm-create

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/purple-WL/Yonyou-TurboCRM-SQL-injection/issues/1mitrex_refsource_MISC
www.cnvd.org.cn/flaw/show/CNVD-2020-21956mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000