| Title | Beijing Tongda Xinke Technology Co., Ltd. Tongda OA versions below v11.10 and v2017 SQL injection |
|---|
| Description | Beijing Tongda Xinke Technology Co., Ltd. is a wholly-owned subsidiary of China Ordnance Industry Information Center. It is a high-tech enterprise whose main business is management software research and development, implementation, service and consulting. It is affiliated to China Ordnance Industry Group Corporation, a Fortune 500 company. Tongda OA developed by the company has a SQL injection vulnerability, which allows attackers to obtain sensitive information in the database, causing data leakage and harming user information security. |
|---|
| Source | ⚠️ https://github.com/Yu1e/vuls/blob/main/SQL%20injection%20vulnerability%20exists%20in%20Tongda%20OA.md |
|---|
| User | yu1e (UID 61631) |
|---|
| Submission | 01/17/2024 13:26 (2 years ago) |
|---|
| Moderation | 01/26/2024 12:01 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 252183 [Tongda OA 2017 up to 11.9 delete_webmail.php WEBBODY_ID_STR sql injection] |
|---|
| Points | 20 |
|---|