4 matches found
CVE-2023-7022
A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file general/workplan/manage/deleteall.php. The manipulation of the argument DELETESTR leads to sql injection. The attack can be launched...
Sql injection
A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file general/workplan/manage/deleteall.php. The manipulation of the argument DELETESTR leads to sql injection. The attack can be launched...
CVE-2023-7022 Tongda OA 2017 delete_all.php sql injection
A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file general/workplan/manage/deleteall.php. The manipulation of the argument DELETESTR leads to sql injection. The attack can be launched...
CVE-2023-7022
CVE-2023-7022 affects Tongda OA 2017 up to 11.9. The vulnerability resides in the file general/work_plan/manage/delete_all.php, where altering the parameter DELETE_STR enables SQL injection. It can be exploited remotely over the network, and the exploit has been disclosed publicly. Multiple sourc...