SQL Injection Vulnerability in Krayin CRM for Laravel
CVE-2026-38528
7.1HIGH
What is CVE-2026-38528?
A SQL injection vulnerability exists in Krayin CRM v2.2.x, specifically through the rotten_lead parameter accessible at /Lead/LeadDataGrid.php. This flaw can allow attackers to execute arbitrary SQL queries, potentially compromising the database integrity and confidentiality of sensitive information.
