| عنوان | Beijing Tongda Xinke Technology Co., Ltd Tongda OA v11.2-v11.6 unauthorized access |
|---|
| الوصف | general/hr/setting/attendance/leave/data.php No login verification was performed
Unauthorized modification of annual leave rest time is allowed
It is also possible to view the names of all system users without authorization |
|---|
| المصدر | ⚠️ https://github.com/LvZCh/td/issues/1 |
|---|
| المستخدم | LVZC (UID 74910) |
|---|
| ارسال | 29/10/2024 09:16 AM (2 سنوات منذ) |
|---|
| الاعتدال | 31/10/2024 04:25 PM (2 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 282610 [Tongda OA حتى 11.6 Annual Leave data.php تجاوز الصلاحيات] |
|---|
| النقاط | 16 |
|---|