8 matches found
EUVD-2022-30076
Malicious code in bioql PyPI...
Sql injection
A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /manage/deletequery.php of the component General News. The manipulation of the argument NEWSID leads to sql injection. The exploit has been disclosed to the publ...
CVE-2023-5782 Tongda OA 2017 General News delete_query.php sql injection
A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /manage/deletequery.php of the component General News. The manipulation of the argument NEWSID leads to sql injection. The exploit has been disclosed to the publ...
CVE-2022-25406
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in deletequery.php via the DELETESTR parameter...
CVE-2022-25406
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in deletequery.php via the DELETESTR parameter...
Sql injection
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in deletequery.php via the DELETESTR parameter...
CVE-2022-25406
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in deletequery.php via the DELETESTR parameter...
CVE-2022-25406
CVE-2022-25406 affects Tongda2000 v11.10 and is caused by a SQL injection in delete_query.php via the DELETE_STR parameter (inadequate filtering of special characters). The vulnerability can lead to arbitrary SQL execution. Reported metrics: CVSS v2 base 7.5 (HIGH) and CVSS v3.1 base 9.8 (CRITICA...