CVE-2024-25320

Tongda OA v2017 and up to v11.9 was discovered to contain a SQL injection vulnerability via the $AFFID parameter at /affair/delete.php...

PT-2024-16495 · Tongda Oa · Tongda Oa

Name of the Vulnerable Software and Affected Versions: Tongda OA 2017 up to 11.10 Description: A critical issue has been found in Tongda OA, affecting an unknown functionality of the file /module/word model/view/index.php. The manipulation of the query str argument leads to SQL injection. The...

PT-2024-16433 · Tongda Oa · Tongda Oa

Name of the Vulnerable Software and Affected Versions: Tongda OA versions 2017 up to 11.9 Description: A critical issue has been identified, affecting unknown code in the file /pda/reportshop/new.php. The manipulation of the repid argument leads to SQL injection. This issue can be exploited...

TONGDA Office Anywhere SQL注入漏洞

TONGDA Office Anywhere is a collaborative office OA system. A SQL injection vulnerability exists in TONGDA Office Anywhere 2017 11.9 and earlier versions, which originates from a SQL injection in the parameter dataSrc...

TONGDA Office Anywhere SQL注入漏洞

TONGDA Office Anywhere is a collaborative office OA system. A SQL injection vulnerability exists in TONGDA Office Anywhere 2017 11.10 and earlier versions, which stems from an SQL injection in the parameter whererepeat...

Microsoft SQL Server Security Vulnerability

Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. An attacker exploiting this vulnerability could remotely execute code. The following products and editions are...

CVE-2024-25320

Tongda OA v2017 and up to v11.9 was discovered to contain a SQL injection vulnerability via the $AFFID parameter at /affair/delete.php...

CVE-2024-25320

Tongda OA v2017 and up to v11.9 was discovered to contain a SQL injection vulnerability via the $AFFID parameter at /affair/delete.php...

PT-2023-32796 · Tongda Oa · Tongda Oa

Name of the Vulnerable Software and Affected Versions: Tongda OA versions 2017 up to 11.10 Description: A critical issue affects an unknown functionality of the file general/vote/manage/delete.php. The manipulation of the DELETE STR argument leads to sql injection. The exploit has been disclosed ...

Sage Group Sage 300 安全漏洞

Sage Group Sage 300 is a well-established closed-source Enterprise Resource Planning ERP solution from Sage Group UK designed to facilitate business management. A security vulnerability exists in Sage Group Sage 300 versions 2017 through 2022 6.4.x - 6.9.x that stems from a low-privileged Sage 30...

Dassault Systèmes DELMIA Apriso 代码问题漏洞

Dassault Systèmes DELMIA Apriso is an interactive manufacturing application for digital enterprises from Dassault Systèmes France. A security vulnerability exists in Dassault Systèmes DELMIA Apriso versions 2017 through 2022, which stems from the presence of a service area request forgery...

PT-2023-3048 · Dassault Systèmes · Delmia Apriso

Name of the Vulnerable Software and Affected Versions: DELMIA Apriso versions Release 2017 through Release 2022 Description: The issue is related to a reflected Cross-site Scripting XSS vulnerability. This vulnerability can be exploited by a remote attacker to execute arbitrary script code,...

PT-2023-18182 · Dassault Systèmes · Delmia Apriso

Name of the Vulnerable Software and Affected Versions: DELMIA Apriso versions 2017 through 2022 Description: An unsafe .NET object deserialization could lead to post-authentication remote code execution. Recommendations: For DELMIA Apriso versions 2017 through 2022, update to a version that fixes...

CVE-2021-33010

An exception is thrown from a function in AVEVA System Platform versions 2017 through 2020 R2 P01, but it is not caught, which may cause a denial-of-service condition...

CVE-2021-32985

AVEVA System Platform versions 2017 through 2020 R2 P01 does not properly verify that the source of data or communication is valid...

CVE-2021-33008

AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for functionality that requires a provable user identity...

CVE-2021-32977

AVEVA System Platform versions 2017 through 2020 R2 P01 does not verify, or incorrectly verifies, the cryptographic signature for data...

CVE-2021-39839

Acrobat Reader DC versions 2021.005.20060 and earlier, 2020.004.30006 and earlier and 2017.011.30199 and earlier are affected by a use-after-free vulnerability in the processing of the AcroForm getItem action that could result in arbitrary code execution in the context of the current user...

CVE-2020-3806

Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...

CVE-2020-3800

Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a memory address leak vulnerability. Successful exploitation could lead to information disclosure...