Lucene search
K

48 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:21 a.m.4 views

CVE-2024-10731

A vulnerability, which was classified as critical, was found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/appcenter/checkseal.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

9.8CVSS7.2AI score0.00534EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:20 a.m.4 views

CVE-2024-10599

A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7. This issue affects some unknown processing of the file /inc/packagestaticresources.php. The manipulation leads to resource consumption. The attack may be initiated remotely. The exploit has been...

7.5CVSS6.4AI score0.00942EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/11/03 12:0 a.m.5 views

PT-2024-16494 · Tongda Oa · Tongda Oa

Name of the Vulnerable Software and Affected Versions: Tongda OA versions up to 11.10 Description: A critical issue was found in Tongda OA, affecting an unknown function of the file /pda/appcenter/check seal.php. The manipulation of the ID argument leads to SQL injection. It is possible to launch...

9.8CVSS7.2AI score0.00534EPSS
Exploits1References10
OSV
OSV
added 2024/11/01 3:15 p.m.3 views

CVE-2024-10657

A vulnerability classified as critical has been found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/approvecenter/prcsinfo.php. The manipulation of the argument RUNID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed ...

9.8CVSS5.7AI score0.00686EPSS
Exploits1References4
OSV
OSV
added 2024/11/01 3:15 p.m.1 views

CVE-2024-10656

A vulnerability was found in Tongda OA 2017 up to 11.9. It has been rated as critical. This issue affects some unknown processing of the file /pda/meeting/apply.php. The manipulation of the argument mrid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed ...

9.8CVSS5.7AI score0.00686EPSS
Exploits1References4
OSV
OSV
added 2024/11/01 4:15 a.m.4 views

CVE-2024-10619

A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /pda/reportshop/nextdetail.php. The manipulation of the argument repid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS5.7AI score0.00543EPSS
Exploits1References4
OSV
OSV
added 2024/11/01 4:15 a.m.4 views

CVE-2024-10617

A vulnerability classified as critical was found in Tongda OA up to 11.10. This vulnerability affects unknown code of the file /pda/workflow/checkseal.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the publi...

9.8CVSS5.7AI score0.00543EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/11/01 12:0 a.m.7 views

PT-2024-16436 · Tongda Oa · Tongda Oa

Name of the Vulnerable Software and Affected Versions: Tongda OA versions up to 11.10 Description: A critical vulnerability was found in Tongda OA, affecting an unknown functionality of the file /pda/approve center/check seal.php. The manipulation of the ID argument leads to SQL injection. The...

9.8CVSS7.1AI score0.00686EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/11/01 12:0 a.m.5 views

PT-2024-16433 · Tongda Oa · Tongda Oa

Name of the Vulnerable Software and Affected Versions: Tongda OA versions 2017 up to 11.9 Description: A critical issue has been identified, affecting unknown code in the file /pda/reportshop/new.php. The manipulation of the repid argument leads to SQL injection. This issue can be exploited...

9.8CVSS7.3AI score0.00543EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/10/31 12:0 a.m.5 views

PT-2024-16395 · Tongda Oa · Tongda Oa

Name of the Vulnerable Software and Affected Versions: Tongda OA versions 11.2 through 11.6 Description: A critical vulnerability was found in Tongda OA, affecting unknown code of the file general/hr/setting/attendance/leave/data.php of the component Annual Leave Handler. The manipulation leads t...

6.9CVSS5.9AI score0.00517EPSS
Exploits1References18
Positive Technologies
Positive Technologies
added 2024/10/31 12:0 a.m.3 views

PT-2024-16413 · Tongda Oa · Tongda Oa

Name of the Vulnerable Software and Affected Versions: Tongda OA versions up to 11.10 Description: A critical vulnerability was found in Tongda OA, affecting the file /pda/workflow/check seal.php. The manipulation of the ID argument leads to SQL injection. The attack can be initiated remotely...

9.8CVSS7.1AI score0.00543EPSS
Exploits1References10
VulnCheck KEV
VulnCheck KEV
added 2024/09/18 12:0 a.m.3 views

VulnCheck KEV: CVE-2023-4166

A vulnerability has been found in Tongda OA and classified as critical. This vulnerability affects unknown code of the file general/system/sealmanage/dianju/deletelog.php. The manipulation of the argument DELETESTR leads to sql injection. The exploit has been disclosed to the public and may be...

9.8CVSS6.9AI score0.10845EPSS
Exploits2References1
OSV
OSV
added 2024/02/06 5:15 p.m.3 views

CVE-2024-1252

A vulnerability classified as critical was found in Tongda OA 2017 up to 11.9. Affected by this vulnerability is an unknown functionality of the file /general/attendance/manage/askduty/delete.php. The manipulation of the argument ASKDUTYID leads to sql injection. The exploit has been disclosed to...

9.8CVSS5.5AI score0.00651EPSS
Exploits1References3
OSV
OSV
added 2023/12/30 6:15 p.m.4 views

CVE-2023-7180

A vulnerability has been found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this vulnerability is an unknown functionality of the file general/project/proj/delete.php. The manipulation of the argument PROJIDSTR leads to sql injection. The exploit has been disclosed to the...

4.3CVSS5.5AI score
Exploits0References3
OSV
OSV
added 2023/12/21 1:15 a.m.6 views

CVE-2023-7021

A vulnerability was found in Tongda OA 2017 up to 11.9. It has been classified as critical. Affected is an unknown function of the file general/vehicle/checkup/deletesearch.php. The manipulation of the argument VUID leads to sql injection. It is possible to launch the attack remotely. The exploit...

9.8CVSS5.6AI score0.00695EPSS
Exploits1References3
OSV
OSV
added 2023/12/08 2:15 p.m.5 views

CVE-2023-6607

A vulnerability has been found in Tongda OA 2017 up to 11.10 and classified as critical. Affected by this vulnerability is an unknown functionality of the file general/wiki/cp/manage/delete.php. The manipulation of the argument TERMIDSTR leads to sql injection. The exploit has been disclosed to t...

7.5CVSS5.6AI score0.00716EPSS
Exploits1References3
OSV
OSV
added 2023/11/24 4:15 p.m.5 views

CVE-2023-6276

A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file general/wiki/cp/ct/delete.php. The manipulation of the argument PROJIDSTR leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

7.5CVSS5.6AI score0.00632EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2023/11/22 12:0 a.m.7 views

The vulnerability of the DELETE_STR script (General/system/censor_words/module/delete.php) in the Tongda OA automation tool allows a hacker to execute arbitrary SQL queries.

The vulnerability of the delete.php script General/system/censorwords/module/delete.php, a tool for automating business processes in Tongda OA, is related to the failure to protect the SQL query structure during the processing of the DELETESTR parameter. Exploiting this vulnerability allows an...

6.3CVSS7.3AI score0.01032EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2023/11/17 12:0 a.m.8 views

The vulnerability of the General/vehicle/checkup/delete.php component of the Tongda OA automation tool allows a hacker to execute arbitrary SQL code.

The vulnerability of the General/vehicle/checkup/delete.php component of the Tongda OA automation tool for business processes is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

6.3CVSS7.2AI score0.00873EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2023/11/12 11:15 a.m.3 views

CVE-2023-6084

A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this issue is some unknown functionality of the file general/vehicle/checkup/delete.php. The manipulation of the argument VUID leads to sql injection. The exploit has been disclosed to the public and ma...

9.8CVSS5.5AI score0.00873EPSS
Exploits1References3
Rows per page
Query Builder