CVE-2024-10598

A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This vulnerability affects unknown code of the file general/hr/setting/attendance/leave/data.php of the component Annual Leave Handler. The manipulation leads to improper authorization. The attack can be...

CVE-2023-5298 Tongda OA 2017 delete.php sql injection

A vulnerability was found in Tongda OA 2017. It has been rated as critical. Affected by this issue is some unknown functionality of the file general/hr/recruit/requirements/delete.php. The manipulation of the argument REQUIREMENTSID leads to sql injection. The exploit has been disclosed to the...

CVE-2023-5265

A vulnerability, which was classified as critical, has been found in Tongda OA 2017. Affected by this issue is some unknown functionality of the file general/hr/manage/stafftransfer/delete.php. The manipulation of the argument TRANSFERID leads to sql injection. The exploit has been disclosed to t...

Sql injection

A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/hrpool/delete.php. The manipulation of the argument EXPERTID leads to sql injection. The exploit has been disclosed to the public and may be used...