CVE-2024-10615

🗓️ 01 Nov 2024 02:31:08Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 55 Views🌐 WEB

Vulnerability in Tongda OA 2017 up to 11.10, allowing remote sql injection via /general/approve_center/query/list/input_form/delete_data_attach.ph

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2024-10615	1 Nov 202404:38	–	circl
CNNVD	TONGDA Office Anywhere SQL注入漏洞	1 Nov 202400:00	–	cnnvd
Cvelist	CVE-2024-10615 Tongda OA 2017 delete_data_attach.php sql injection	1 Nov 202402:31	–	cvelist
EUVD	EUVD-2024-33208	3 Oct 202520:07	–	euvd
NVD	CVE-2024-10615	1 Nov 202403:15	–	nvd
RedhatCVE	CVE-2024-10615	23 May 202508:20	–	redhatcve
Vulnrichment	CVE-2024-10615 Tongda OA 2017 delete_data_attach.php sql injection	1 Nov 202402:31	–	vulnrichment

NVD

Vulners

Vulnrichment

Node

tongda2000 office_anywhereRange11.0–11.10

tongda2000 office_anywhereMatch2017

[
  {
    "vendor": "Tongda",
    "product": "OA 2017",
    "versions": [
      {
        "version": "11.0",
        "status": "affected"
      },
      {
        "version": "11.1",
        "status": "affected"
      },
      {
        "version": "11.2",
        "status": "affected"
      },
      {
        "version": "11.3",
        "status": "affected"
      },
      {
        "version": "11.4",
        "status": "affected"
      },
      {
        "version": "11.5",
        "status": "affected"
      },
      {
        "version": "11.6",
        "status": "affected"
      },
      {
        "version": "11.7",
        "status": "affected"
      },
      {
        "version": "11.8",
        "status": "affected"
      },
      {
        "version": "11.9",
        "status": "affected"
      },
      {
        "version": "11.10",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/LvZCh/td/issues/6
vuldb	www.vuldb.com/

Parameter	Position	Path	Description	CWE
RUN_ID	query param	/general/approve_center/query/list/input_form/delete_data_attach.php	SQL injection via RUN_ID parameter in delete_data_attach.php	CWE-89

04 Nov 2024 16:45Current

6.9Medium risk

Vulners AI Score6.9

CVSS 3.16.3 - 9.8

CVSS 45.3

CVSS 26.5

CVSS 36.3

EPSS0.00097

SSVC

CWE-89