5 matches found
Tongda OA 2017 SQL Injection Vulnerability
Tongda2000 is a web-based intelligent office system from China Tongda Tongda. A security vulnerability exists in Tongda OA 2017 version, which originates from the existence of an unknown part of the file general/hr/training/record/delete.php, which leads to sql injection via the parameter RECORDI...
SQL Injection Vulnerability in the Backend of Tongda OA Collaboration Office System 2017 Version
Ltd. is subordinate to China National Weapons Industry Information Center CNWIIC, which is referred to as Tongda Xinke. It is a high-tech team with the main business of collaborative management software development and implementation, service and consulting. There is a SQL injection vulnerability...
Stored Cross-site Scripting Vulnerability in the Latest Version of Tongda OA Office System
Tongda OA office system 2015 office anywhere 2015 is a domestic office software. A stored cross-site scripting vulnerability exists in the editor of Offer Anywhere 2015, a Tongda OA network intelligent office system. A remote attacker can exploit this vulnerability to inject arbitrary Web script ...
SQL Injection Vulnerability in Tongda OA System
Ltd. OA-Office Anywhere system is a network intelligent office system developed using PHP. There is a SQL injection vulnerability in this product, the vulnerability URL is: http://host/interface/auth.php?&PASSWORD=1&USERID= The vulnerability URL is: The injected parameter is: USERID The attacker...
Tongda OA Office System latest version of the file contains a vulnerability
Tongda OA office system 2015 office anywhere 2015 is a domestic office software. The latest version of Tongda OA Office System 2015 suffers from a file inclusion vulnerability that allows attackers to view leaked file information by guessing the file path...