Jikdarren

**Name of the Vulnerable Software and Affected Versions** Chanjet CRM version 1.0 **Description** An issue exists in the HTTP GET Request Handler component within the file '/tools/jxf dump systable.php'. Remote manipulation of the `gblOrgID` parameter allows for SQL injection, a technique where malicious SQL statements are inserted into entry fields for execution to manipulate the database. **Recommendations** Avoid using the `gblOrgID` parameter in the '/tools/jxf dump systable.php' endpoint as a temporary mitigation measure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.