CVE-2023-6607

🗓️ 08 Dec 2023 14:00:07Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 37 Views🌐 WEB

Vulnerability in Tongda OA 2017 up to 11.10 with critical SQL injection

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2023-6607	31 Dec 202310:16	–	circl
CNNVD	Tongda OA SQL Injection Vulnerability	8 Dec 202300:00	–	cnnvd
Cvelist	CVE-2023-6607 Tongda OA 2017 delete.php sql injection	8 Dec 202314:00	–	cvelist
EUVD	EUVD-2023-58830	3 Oct 202520:07	–	euvd
NVD	CVE-2023-6607	8 Dec 202314:15	–	nvd
Prion	Sql injection	8 Dec 202314:15	–	prion
RedhatCVE	CVE-2023-6607	23 May 202502:05	–	redhatcve

NVD

Vulners

Node

tongda2000 tongda_office_anywhereRange≤11.10

tongda2000 tongda_office_anywhereMatch2017

[
  {
    "vendor": "Tongda",
    "product": "OA 2017",
    "versions": [
      {
        "version": "11.0",
        "status": "affected"
      },
      {
        "version": "11.1",
        "status": "affected"
      },
      {
        "version": "11.2",
        "status": "affected"
      },
      {
        "version": "11.3",
        "status": "affected"
      },
      {
        "version": "11.4",
        "status": "affected"
      },
      {
        "version": "11.5",
        "status": "affected"
      },
      {
        "version": "11.6",
        "status": "affected"
      },
      {
        "version": "11.7",
        "status": "affected"
      },
      {
        "version": "11.8",
        "status": "affected"
      },
      {
        "version": "11.9",
        "status": "affected"
      },
      {
        "version": "11.10",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/willchen0011/cve/blob/main/sql.md
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

Parameter	Position	Path	Description	CWE
TERM_ID_STR	query param	general/wiki/cp/manage/delete.php	SQL injection via TERM_ID_STR parameter in delete.php	CWE-89

21 Nov 2024 08:44Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.15.5 - 7.5

CVSS 25.2

CVSS 35.5

EPSS0.0008

CWE-89

tongda oa 2017 11.10 critical sql injection cve-2023-6607 vdb-247243 nvd security vulnerability