Tongda Office Anywhere@11.3 Security Vulnerabilities and Issues — Tongda Office Anywhere@11.3 CVE List

Lucene search

Tongda2000Tongda Office Anywhere11.3

8 matches found

CVE•added 2024/10/31 10:15 p.m.•46 views

CVE-2024-10598

A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This vulnerability affects unknown code of the file general/hr/setting/attendance/leave/data.php of the component Annual Leave Handler. The manipulation leads to improper authorization. The attack can be initiat...

6.9CVSS5.7AI score0.0008EPSS

CVE•added 2024/11/03 9:15 a.m.•44 views

CVE-2024-10730

A vulnerability, which was classified as critical, has been found in Tongda OA up to 11.6. This issue affects some unknown processing of the file /pda/appcenter/web_show.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been discl...

9.8CVSS7.1AI score0.00124EPSS

CVE•added 2024/11/03 10:15 a.m.•42 views

CVE-2024-10731

A vulnerability, which was classified as critical, was found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/appcenter/check_seal.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed ...

9.8CVSS7.1AI score0.00124EPSS

CVE•added 2024/11/01 4:15 a.m.•39 views

CVE-2024-10617

A vulnerability classified as critical was found in Tongda OA up to 11.10. This vulnerability affects unknown code of the file /pda/workflow/check_seal.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...

9.8CVSS7.1AI score0.00092EPSS

CVE•added 2024/11/01 4:15 a.m.•38 views

CVE-2024-10616

A vulnerability classified as critical has been found in Tongda OA up to 11.9. This affects an unknown part of the file /pda/workflow/webSignSubmit.php. The manipulation of the argument saleId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to ...

9.8CVSS7.1AI score0.00098EPSS

CVE•added 2024/11/01 3:15 p.m.•37 views

CVE-2024-10657

A vulnerability classified as critical has been found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/approve_center/prcs_info.php. The manipulation of the argument RUN_ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

9.8CVSS7.1AI score0.001EPSS

CVE•added 2023/09/17 10:15 p.m.•36 views

CVE-2023-5030

A vulnerability has been found in Tongda OA up to 11.10 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/plan/delete.php. The manipulation of the argument PLAN_ID leads to sql injection. The exploit has been disclosed to the public and may be used. ...

8.8CVSS7.5AI score0.00032EPSS

CVE•added 2024/11/01 3:15 p.m.•35 views

CVE-2024-10658

A vulnerability classified as critical was found in Tongda OA up to 11.10. Affected by this vulnerability is an unknown functionality of the file /pda/approve_center/check_seal.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been...

9.8CVSS7.1AI score0.001EPSS