| Description: | | Yonyou Chanjet CRM is a new type of enterprise management software based on the Internet. Its functional modules include: financial management, purchasing management, inventory management, etc. It is mainly an integrated application of finance and business for small and medium-sized industrial, trade and commercial enterprises. There is an SQL injection vulnerability in the newleadset.php interface of Yonyou Chanjet CRM. Attackers can inject malicious SQL statements by constructing malicious request parameters, resulting in database information leakage, data tampering, and even system privilege escalation, affecting the security and integrity of system data. |