CVE-2023-6276 in OA 2017información

Resumen

por MITRE • 2023-11-24

A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file general/wiki/cp/ct/delete.php. The manipulation of the argument PROJ_ID_STR leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-246105 was assigned to this vulnerability.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsable

VulDB

Reservar

2023-11-24

Divulgación

2023-11-24

Moderación

aceptado

Artículo

VDB-246105

CPE

listo

Explotación

Descargar

EPSS

0.00632

KEV

no

Actividades

muy bajo

Fuentes

Want to know what is going to be exploited?

We predict KEV entries!