CVE-2025-7801 – BossSoft CRM SQL Injection Vulnerability

July 18, 2025

CVE ID : CVE-2025-7801

Published : July 18, 2025, 7:15 p.m. | 3 hours, 31 minutes ago

Description : A vulnerability has been found in BossSoft CRM 6.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /crm/module/HNDCBas_customPrmSearchDtl.jsp. The manipulation of the argument cstid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-50584 – StudentManage XSS Vulnerability in Add A New Teacher Module

Next Article CVE-2025-7802 – PHPGurukul Complaint Management System Cross Site Scripting Vulnerability

Top 10 Use Cases of Vibe Coding in Large-Scale Node.js Applications

Cloudsmith launches ML Model Registry to provide a single source of truth for AI models and datasets

Kong Acquires OpenMeter to Unlock AI and API Monetization for the Agentic Era

Microsoft Graph CLI to be retired

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

ASUS built a desktop gaming PC around a mobile CPU — it’s an interesting, if flawed, idea

Hollow Knight: Silksong arrives on Xbox Game Pass this week — and Xbox’s September 1–7 lineup also packs in the horror. Here’s every new game.

The Xbox remaster that brought Gears to PlayStation just passed a huge milestone — “ending the console war” and proving the series still has serious pulling power

Magento (Adobe Commerce) or Optimizely Configured Commerce: Which One to Choose

Magento (Adobe Commerce) or Optimizely Configured Commerce: Which One to Choose

Updates from N|Solid Runtime: The Best Open-Source Node.js RT Just Got Better

Scale Your Business with AI-Powered Solutions Built for Singapore’s Digital Economy

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

ASUS built a desktop gaming PC around a mobile CPU — it’s an interesting, if flawed, idea

Hollow Knight: Silksong arrives on Xbox Game Pass this week — and Xbox’s September 1–7 lineup also packs in the horror. Here’s every new game.

CVE-2025-7801 – BossSoft CRM SQL Injection Vulnerability

CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation

Pennsylvania Attorney General’s Office Recovers from Ransomware Attack

CVE-2025-4886 – iSourcecode Sales and Inventory System SQL Injection Vulnerability

Rebellion CEO says Atomfall is a success, praises Xbox Game Pass: “Microsoft has been a fantastic partner to work with.”

Distribution Release: Grml 2025.05

How can we counter online disinformation? | Unlocked 403 cybersecurity podcast (S2E2)

How to watch Summer Game Fest, Xbox Games Showcase, and other summer 2025 gaming events

CVE-2025-5849 – Tenda AC15 HTTP POST Request Handler Stack-Based Buffer Overflow Vulnerability

Understand your software’s supply chain with GitHub’s dependency graph

CVE-2025-22404 – Qualcomm AvCT LCB Act Use After Free Privilege Escalation

CVE-2025-7801 – BossSoft CRM SQL Injection Vulnerability

Related Posts