TONGDA Office Anywhere SQL Injection Vulnerability
TONGDA Office Anywhere is a collaborative office OA system. A SQL injection vulnerability exists in TONGDA Office Anywhere versions prior to 11.10. The vulnerability stems from unknown code in the file general/hr/manage/staffreinstatement/delete.php, which leads to a sql injection via the paramet...