Lucene search

K

Tongda Office Anywhere Security Vulnerabilities - CVSS Score 9 - 10

cve
cve

CVE-2022-23902

Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter.

9.8CVSS

9.7AI Score

0.002EPSS

2022-02-14 09:15 PM
90
cve
cve

CVE-2022-24206

Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter.

9.8CVSS

9.7AI Score

0.002EPSS

2022-02-14 09:15 PM
98
cve
cve

CVE-2023-2738

A vulnerability classified as critical has been found in Tongda OA 11.10. This affects the function actionGetdata of the file GatewayController.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

9.8CVSS

9.4AI Score

0.001EPSS

2023-05-16 03:15 PM
21
cve
cve

CVE-2023-4165

A vulnerability, which was classified as critical, was found in Tongda OA. This affects an unknown part of the file general/system/seal_manage/iweboffice/delete_seal.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and may be used...

9.8CVSS

9.6AI Score

0.001EPSS

2023-08-05 02:15 PM
44
cve
cve

CVE-2023-4166

A vulnerability has been found in Tongda OA and classified as critical. This vulnerability affects unknown code of the file general/system/seal_manage/dianju/delete_log.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and may be u...

9.8CVSS

9.6AI Score

0.001EPSS

2023-08-05 04:15 PM
39
cve
cve

CVE-2023-5019

A vulnerability classified as critical was found in Tongda OA. This vulnerability affects unknown code of the file general/hr/manage/staff_reinstatement/delete.php. The manipulation of the argument REINSTATEMENT_ID leads to sql injection. The attack can be initiated remotely. The exploit has been d...

9.8CVSS

9.7AI Score

0.001EPSS

2023-09-17 04:15 AM
18
cve
cve

CVE-2023-5261

A vulnerability, which was classified as critical, was found in Tongda OA 2017. Affected is an unknown function of the file general/hr/manage/staff_title_evaluation/delete.php. The manipulation of the argument EVALUATION_ID leads to sql injection. The exploit has been disclosed to the public and ma...

9.8CVSS

9.7AI Score

0.001EPSS

2023-09-29 12:15 PM
31
cve
cve

CVE-2023-5265

A vulnerability, which was classified as critical, has been found in Tongda OA 2017. Affected by this issue is some unknown functionality of the file general/hr/manage/staff_transfer/delete.php. The manipulation of the argument TRANSFER_ID leads to sql injection. The exploit has been disclosed to t...

9.8CVSS

9.6AI Score

0.001EPSS

2023-09-29 03:15 PM
33
cve
cve

CVE-2023-5267

A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/hr_pool/delete.php. The manipulation of the argument EXPERT_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Up...

9.8CVSS

9.6AI Score

0.001EPSS

2023-09-29 03:15 PM
34
cve
cve

CVE-2023-5682

A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/training/record/delete.php. The manipulation of the argument RECORD_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Up...

9.8CVSS

9.5AI Score

0.001EPSS

2023-10-20 09:15 PM
37
cve
cve

CVE-2023-5780

A vulnerability classified as critical was found in Tongda OA 2017 11.10. This vulnerability affects unknown code of the file general/system/approve_center/flow_guide/flow_type/set_print/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The attack can be initiated remo...

9.8CVSS

9.5AI Score

0.001EPSS

2023-10-26 01:15 PM
32
cve
cve

CVE-2023-5781

A vulnerability, which was classified as critical, has been found in Tongda OA 2017 11.10. This issue affects the function DELETE_STR of the file general/system/res_manage/monitor/delete_webmail.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been...

9.8CVSS

9.5AI Score

0.001EPSS

2023-10-26 01:15 PM
35
cve
cve

CVE-2023-5782

A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /manage/delete_query.php of the component General News. The manipulation of the argument NEWS_ID leads to sql injection. The exploit has been disclosed to the publ...

9.8CVSS

9.5AI Score

0.001EPSS

2023-10-26 02:15 PM
34
cve
cve

CVE-2023-6052

A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. Affected is an unknown function of the file general/system/censor_words/module/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and may be ...

9.8CVSS

9.6AI Score

0.001EPSS

2023-11-09 01:15 PM
25
cve
cve

CVE-2023-6053

A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.9. Affected by this issue is some unknown functionality of the file general/system/censor_words/manage/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been di...

9.8CVSS

9.4AI Score

0.001EPSS

2023-11-09 07:15 PM
29
cve
cve

CVE-2023-6054

A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file general/wiki/cp/manage/lock.php. The manipulation of the argument TERM_ID_STR leads to sql injection. The exploit has been disclosed to the public and may be used. Upg...

9.8CVSS

9.5AI Score

0.001EPSS

2023-11-09 07:15 PM
29
cve
cve

CVE-2023-6084

A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this issue is some unknown functionality of the file general/vehicle/checkup/delete.php. The manipulation of the argument VU_ID leads to sql injection. The exploit has been disclosed to the public and may...

9.8CVSS

9.4AI Score

0.001EPSS

2023-11-12 11:15 AM
23
cve
cve

CVE-2023-6885

A vulnerability was found in Tongda OA 2017 up to 11.10. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file general/vote/manage/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the...

9.8CVSS

9.5AI Score

0.001EPSS

2023-12-16 11:15 PM
25
cve
cve

CVE-2024-1252

A vulnerability classified as critical was found in Tongda OA 2017 up to 11.9. Affected by this vulnerability is an unknown functionality of the file /general/attendance/manage/ask_duty/delete.php. The manipulation of the argument ASK_DUTY_ID leads to sql injection. The exploit has been disclosed t...

9.8CVSS

9.6AI Score

0.001EPSS

2024-02-06 05:15 PM
16