Enviar #222266: Tongda OA Office System V11.10 and below、v2017 has SQL injection vulnerabilityinformación

TítuloTongda OA Office System V11.10 and below、v2017 has SQL injection vulnerability
DescripciónA vulnerability was found in Tongda OA Office System V11.10 and below、V2017. It been declared as critical. Affected by this issue is some unknow functionality of the file /manage/delete_query.php of the component General News. The manipulation of the argument $NEWS_ID leads to sql Injection.The attack may be launched information disclosure.
Fuente⚠️ https://github.com/Charmeeeeee/Tongda-OA-repo/blob/main/Tongda_OA_Vulnerability_Report.md
Usuario
 HE1D1 (UID 56583)
Sumisión2023-10-18 05:36 (hace 3 años)
Moderación2023-10-26 07:28 (8 days later)
EstadoAceptado
Entrada de VulDB243588 [Tongda OA 2017 hasta 11.10 General News /manage/delete_query.php NEWS_ID inyección SQL]
Puntos19

Interested in the pricing of exploits?

See the underground prices here!