VYPR
Unrated severityNVD Advisory· Published Feb 16, 2024· Updated Aug 20, 2024

CVE-2024-25320

CVE-2024-25320

Description

Tongda OA v2017 and up to v11.9 was discovered to contain a SQL injection vulnerability via the $AFF_ID parameter at /affair/delete.php.

Affected products

2
  • Tongda/OAdescription
  • Cnoa/Oallm-fuzzy
    Range: >=v2017, <=v11.9

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.