| Titre | Beijing Tongda Xinke Technology Co., Ltd. Tongda OA versions below v11.10 and v2017 SQL injection |
|---|
| Description | Beijing Tongda Xinke Technology Co., Ltd. is a wholly-owned subsidiary of China Ordnance Industry Information Center. It is a high-tech enterprise whose main business is management software research and development, implementation, service and consulting. It is affiliated to China Ordnance Industry Group Corporation, a Fortune 500 company. Tongda OA developed by the company has a SQL injection vulnerability, which allows attackers to obtain sensitive information in the database, causing data leakage and harming user information security. |
|---|
| La source | ⚠️ https://github.com/Yu1e/vuls/blob/main/SQL%20injection%20vulnerability%20exists%20in%20Tongda%20OA.md |
|---|
| Utilisateur | yu1e (UID 61631) |
|---|
| Soumission | 17/01/2024 13:26 (il y a 2 ans) |
|---|
| Modérer | 26/01/2024 12:01 (9 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 252183 [Tongda OA 2017 jusqu’à 11.9 delete_webmail.php WEBBODY_ID_STR injection SQL] |
|---|
| Points | 20 |
|---|