2 matches found
The vulnerability of the delete.php script (located at general/hr/manage/staff_title_evaluation/delete.php) within the Tongda OA automation tool for business processes, which allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the delete.php script located at general/hr/manage/stafftitleevaluation/delete.php within the Tongda OA automation tool relates to the failure to protect the SQL query structure during the processing of the EVALUATIONID parameter. Exploiting this vulnerability allows an...
Tongda OA SQL Injection Vulnerability
Tongda2000 is a web-based intelligent office system from China Tongda Tongda. Tongda OA 2017 suffers from a SQL injection vulnerability that originates from the parameter EVALUATIONID in the file general/hr/manage/stafftitleevaluation/delete.php that can lead to SQL injection...