Tongda2000

Tongda Office Anywhere

30 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2023-5261

Exploit
  • EPSS 0.12%
  • Veröffentlicht 29.09.2023 12:15:13
  • Zuletzt bearbeitet 21.11.2024 08:41:23

A vulnerability, which was classified as critical, was found in Tongda OA 2017. Affected is an unknown function of the file general/hr/manage/staff_title_evaluation/delete.php. The manipulation of the argument EVALUATION_ID leads to sql injection. Th...

8.8

CVE-2023-5030

Exploit
  • EPSS 0.03%
  • Veröffentlicht 17.09.2023 22:15:47
  • Zuletzt bearbeitet 21.11.2024 08:40:55

A vulnerability has been found in Tongda OA up to 11.10 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/plan/delete.php. The manipulation of the argument PLAN_ID leads to sql injection. The exploit h...

6.1

CVE-2023-5026

Exploit
  • EPSS 0.07%
  • Veröffentlicht 17.09.2023 10:15:07
  • Zuletzt bearbeitet 21.11.2024 08:40:55

A vulnerability classified as problematic has been found in Tongda OA 11.10. Affected is an unknown function of the file /general/ipanel/menu_code.php?MENU_TYPE=FAV. The manipulation of the argument OA_SUB_WINDOW leads to cross site scripting. It is ...

8.8

CVE-2023-5023

Exploit
  • EPSS 0.04%
  • Veröffentlicht 17.09.2023 07:15:09
  • Zuletzt bearbeitet 21.11.2024 08:40:54

A vulnerability was found in Tongda OA 2017 and classified as critical. Affected by this issue is some unknown functionality of the file general/hr/manage/staff_relatives/delete.php. The manipulation of the argument RELATIVES_ID leads to sql injectio...

9.8

CVE-2023-5019

Exploit
  • EPSS 0.05%
  • Veröffentlicht 17.09.2023 04:15:11
  • Zuletzt bearbeitet 21.11.2024 08:40:54

A vulnerability classified as critical was found in Tongda OA. This vulnerability affects unknown code of the file general/hr/manage/staff_reinstatement/delete.php. The manipulation of the argument REINSTATEMENT_ID leads to sql injection. The attack ...

9.8

CVE-2023-4166

Exploit
  • EPSS 87.97%
  • Veröffentlicht 05.08.2023 16:15:23
  • Zuletzt bearbeitet 21.11.2024 08:34:31

A vulnerability has been found in Tongda OA and classified as critical. This vulnerability affects unknown code of the file general/system/seal_manage/dianju/delete_log.php. The manipulation of the argument DELETE_STR leads to sql injection. The expl...

9.8

CVE-2023-4165

Exploit
  • EPSS 88.67%
  • Veröffentlicht 05.08.2023 14:15:23
  • Zuletzt bearbeitet 21.11.2024 08:34:31

A vulnerability, which was classified as critical, was found in Tongda OA. This affects an unknown part of the file general/system/seal_manage/iweboffice/delete_seal.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit...

9.8

CVE-2023-2738

Exploit
  • EPSS 0.11%
  • Veröffentlicht 16.05.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 07:59:11

A vulnerability classified as critical has been found in Tongda OA 11.10. This affects the function actionGetdata of the file GatewayController.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The ex...

9.8

CVE-2022-23902

Exploit
  • EPSS 0.26%
  • Veröffentlicht 14.02.2022 21:15:09
  • Zuletzt bearbeitet 21.11.2024 06:49:26

Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter.

9.8

CVE-2022-24206

Exploit
  • EPSS 0.26%
  • Veröffentlicht 14.02.2022 21:15:09
  • Zuletzt bearbeitet 21.11.2024 06:49:59

Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter.