Invia #222266: Tongda OA Office System V11.10 and below、v2017 has SQL injection vulnerabilityinformazioni

TitoloTongda OA Office System V11.10 and below、v2017 has SQL injection vulnerability
DescrizioneA vulnerability was found in Tongda OA Office System V11.10 and below、V2017. It been declared as critical. Affected by this issue is some unknow functionality of the file /manage/delete_query.php of the component General News. The manipulation of the argument $NEWS_ID leads to sql Injection.The attack may be launched information disclosure.
Fonte⚠️ https://github.com/Charmeeeeee/Tongda-OA-repo/blob/main/Tongda_OA_Vulnerability_Report.md
Utente
 HE1D1 (UID 56583)
Sottomissione18/10/2023 05:36 (3 anni fa)
Moderazione26/10/2023 07:28 (8 days later)
StatoAccettato
Voce VulDB243588 [Tongda OA 2017 fino a 11.10 General News /manage/delete_query.php NEWS_ID iniezione SQL]
Punti19

Do you know our Splunk app?

Download it now for free!