TONGDA Office Anywhere SQL Injection Vulnerability

TONGDA Office Anywhere is a collaborative office OA system. TONGDA Office Anywhere 2017 suffers from a SQL injection vulnerability that stems from the fact that incorrect manipulation of the REQUIREMENTSID parameter can lead to sql injection...

PT-2023-32019 · Tongda Oa · Tongda Oa

Name of the Vulnerable Software and Affected Versions: Tongda OA 2017 versions prior to 11.10 Description: A critical issue affects some unknown functionality of the file general/hr/recruit/requirements/delete.php. The manipulation of the REQUIREMENTS ID argument leads to sql injection. The explo...