CVE-2025-4510 – Changjietong UFIDA CRM SQL Injection

May 10, 2025

CVE ID : CVE-2025-4510

Published : May 10, 2025, 6:15 p.m. | 2 hours, 8 minutes ago

Description : A vulnerability was found in Changjietong UFIDA CRM 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /optnty/optntyday.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4511 – Vector4Wang Spring-Boot-Quick Remote Path Traversal Vulnerability

Next Article CVE-2025-4509 – PHPGurukul e-Diary Management System SQL Injection

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

DistroWatch Weekly, Issue 1128

Your Slack app is getting a big upgrade – here’s how to try the new AI features

How Code Feedback MCP Enhances AI-Generated Code Quality

How Code Feedback MCP Enhances AI-Generated Code Quality

PRSS Site Creator – Create Blogs and Websites from Your Desktop

Say hello to ECMAScript 2025

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

Microsoft confirms Windows 11 25H2, might make Windows more stable

CVE-2025-4510 – Changjietong UFIDA CRM SQL Injection

⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More

China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

Stretch Break Linux App Reminds You to Stop Pixel-Gawping

Multimodal Queries Require Multimodal RAG: Researchers from KAIST and DeepAuto.ai Propose UniversalRAG—A New Framework That Dynamically Routes Across Modalities and Granularities for Accurate and Efficient Retrieval-Augmented Generation

Helping Your Clients Achieve NIST Compliance: A Step by Step Guide for Service Providers

CVE-2025-4030 – “PHPGurukul COVID19 Testing Management System SQL Injection”

CVE-2025-47640 – Printcart Web to Print Product Designer for WooCommerce SQL Injection

How to Add Product Badges in Optimizely Configured Commerce Spire

Google Fights Back: Appeals Order to Sell Chrome Browser

Will Microsoft charge for Windows security updates starting in July? Yes, but for Windows Server 2025, not Windows 11.

CVE-2025-4510 – Changjietong UFIDA CRM SQL Injection

Related Posts