CVE-2026-38528 PUBLISHED

Assigner: mitre
Reserved: 06.04.2026 Published: 14.04.2026 Updated: 14.04.2026

Krayin CRM v2.2.x was discovered to contain a SQL injection vulnerability via the rotten_lead parameter at /Lead/LeadDataGrid.php.

Metrics

CVSS Vector: CVSS:3.1/AC:L/AV:N/A:N/C:H/I:L/PR:L/S:U/UI:N
CVSS Score: 7.1

Product Status

Vendor n/a
Product n/a
Versions
  • Version n/a is affected

References

Problem Types

  • n/a text