CVE-2022-25406
CVE-2022-25406 affects Tongda2000 v11.10 and is caused by a SQL injection in delete_query.php via the DELETE_STR parameter (inadequate filtering of special characters). The vulnerability can lead to arbitrary SQL execution. Reported metrics: CVSS v2 base 7.5 (HIGH) and CVSS v3.1 base 9.8 (CRITICA...