A SQL injection vulnerability exists in Tongda2000, a web-based intelligent office system from China Tongda, which originates from the d_name parameter in the productβs export_data.php file that does not securely handle special characters in user input data. An attacker can execute malicious SQL statements through this vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
Tongda Tongda2000 v | eq | 11.10 |