Tongda Office Anywhere Security Vulnerabilities and Issues — Tongda Office Anywhere CVE List

Lucene search

Tongda2000Tongda Office Anywhere

9 matches found

CVE•added 2024/10/31 10:15 p.m.•46 views

CVE-2024-10598

A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This vulnerability affects unknown code of the file general/hr/setting/attendance/leave/data.php of the component Annual Leave Handler. The manipulation leads to improper authorization. The attack can be initiat...

6.9CVSS5.7AI score0.00082EPSS

CVE•added 2024/11/03 9:15 a.m.•44 views

CVE-2024-10730

A vulnerability, which was classified as critical, has been found in Tongda OA up to 11.6. This issue affects some unknown processing of the file /pda/appcenter/web_show.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been discl...

9.8CVSS7.1AI score0.00138EPSS

CVE•added 2024/11/03 10:15 a.m.•42 views

CVE-2024-10731

A vulnerability, which was classified as critical, was found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/appcenter/check_seal.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed ...

9.8CVSS7.1AI score0.00138EPSS

CVE•added 2024/11/01 4:15 a.m.•39 views

CVE-2024-10617

A vulnerability classified as critical was found in Tongda OA up to 11.10. This vulnerability affects unknown code of the file /pda/workflow/check_seal.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...

9.8CVSS7.1AI score0.00102EPSS

CVE•added 2024/11/01 4:15 a.m.•38 views

CVE-2024-10616

A vulnerability classified as critical has been found in Tongda OA up to 11.9. This affects an unknown part of the file /pda/workflow/webSignSubmit.php. The manipulation of the argument saleId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to ...

9.8CVSS7.1AI score0.00109EPSS

CVE•added 2024/11/01 3:15 p.m.•37 views

CVE-2024-10657

A vulnerability classified as critical has been found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/approve_center/prcs_info.php. The manipulation of the argument RUN_ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

9.8CVSS7.1AI score0.00112EPSS

CVE•added 2024/11/01 3:15 p.m.•35 views

CVE-2024-10658

A vulnerability classified as critical was found in Tongda OA up to 11.10. Affected by this vulnerability is an unknown functionality of the file /pda/approve_center/check_seal.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been...

9.8CVSS7.1AI score0.00112EPSS

CVE•added 2024/05/15 4:15 p.m.•35 views

CVE-2024-4903

A vulnerability was found in Tongda OA 2017. It has been declared as critical. This vulnerability affects unknown code of the file /general/meeting/manage/delete.php. The manipulation of the argument M_ID_STR leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

6.5CVSS7.3AI score0.00019EPSS

CVE•added 2024/02/06 5:15 p.m.•29 views

CVE-2024-1252

A vulnerability classified as critical was found in Tongda OA 2017 up to 11.9. Affected by this vulnerability is an unknown functionality of the file /general/attendance/manage/ask_duty/delete.php. The manipulation of the argument ASK_DUTY_ID leads to sql injection. The exploit has been disclosed t...

9.8CVSS9.6AI score0.00103EPSS