Submit #222266: Tongda OA Office System V11.10 and below、v2017 has SQL injection vulnerabilityinfo

TitleTongda OA Office System V11.10 and below、v2017 has SQL injection vulnerability
DescriptionA vulnerability was found in Tongda OA Office System V11.10 and below、V2017. It been declared as critical. Affected by this issue is some unknow functionality of the file /manage/delete_query.php of the component General News. The manipulation of the argument $NEWS_ID leads to sql Injection.The attack may be launched information disclosure.
Source⚠️ https://github.com/Charmeeeeee/Tongda-OA-repo/blob/main/Tongda_OA_Vulnerability_Report.md
User
 HE1D1 (UID 56583)
Submission10/18/2023 05:36 (3 years ago)
Moderation10/26/2023 07:28 (8 days later)
StatusAccepted
VulDB entry243588 [Tongda OA 2017 up to 11.10 General News /manage/delete_query.php NEWS_ID sql injection]
Points19

Might our Artificial Intelligence support you?

Check our Alexa App!