2 matches found
CVE-2023-4166
creationtimestamp| type| source ---|---|--- 2023-10-10 15:06:55+00:00| published-proof-of-concept| https://t.me/CNArsenal/857...
CVE-2023-4166
CVE-2023-4166 describes a SQL injection in Tongda OA, exposed via DELETE_STR in general/system/seal_manage/dianju/delete_log.php. The vulnerability affects Tongda OA prior to version 11.10, where user-controlled input in DELETE_STR leads to unauthorized database access. Exploitation status is ind...