Tongda
Products
4- 38 CVEs
- 26 CVEs
- 5 CVEs
- 1 CVE
Recent CVEs
53| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-25320 | Cri | 0.64 | 9.8 | 0.01 | Feb 16, 2024 | Tongda OA v2017 and up to v11.9 was discovered to contain a SQL injection vulnerability via the $AFF_ID parameter at /affair/delete.php. | ||
| CVE-2022-25406 | Cri | 0.64 | 9.8 | 0.01 | Feb 24, 2022 | Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete_query.php via the DELETE_STR parameter. | ||
| CVE-2022-25405 | Cri | 0.64 | 9.8 | 0.01 | Feb 24, 2022 | Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in change_box.php via the DELETE_STR parameter. | ||
| CVE-2022-25404 | Cri | 0.64 | 9.8 | 0.01 | Feb 24, 2022 | Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete.php via the DELETE_STR parameter. | ||
| CVE-2022-24206 | Cri | 0.64 | 9.8 | 0.01 | Feb 14, 2022 | Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter. | ||
| CVE-2022-23902 | Cri | 0.64 | 9.8 | 0.01 | Feb 14, 2022 | Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter. | ||
| CVE-2019-9759 | Cri | 0.64 | 9.8 | 0.01 | Apr 2, 2019 | An issue was discovered in TONGDA Office Anywhere 10.18.190121. There is a SQL Injection vulnerability via the general/approve_center/list/input_form/work_handle.php run_id parameter. | ||
| CVE-2024-10600 | Hig | 0.48 | 7.3 | 0.06 | Oct 31, 2024 | A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.6. Affected is an unknown function of the file pda/appcenter/submenu.php. The manipulation of the argument appid leads to sql injection. It is possible to launch the attack remotely. The… | ||
| CVE-2023-5780 | Hig | 0.48 | 7.3 | 0.01 | Oct 26, 2023 | A vulnerability classified as critical was found in Tongda OA 2017 11.10. This vulnerability affects unknown code of the file general/system/approve_center/flow_guide/flow_type/set_print/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The attack… | ||
| CVE-2024-10732 | Med | 0.41 | 6.3 | 0.01 | Nov 3, 2024 | A vulnerability has been found in Tongda OA 2017 up to 11.10 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /module/word_model/view/index.php. The manipulation of the argument query_str leads to sql injection. The attack can be… | ||
| CVE-2024-10731 | Med | 0.41 | 6.3 | 0.01 | Nov 3, 2024 | A vulnerability, which was classified as critical, was found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/appcenter/check_seal.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit… | ||
| CVE-2024-10657 | Med | 0.41 | 6.3 | 0.01 | Nov 1, 2024 | A vulnerability classified as critical has been found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/approve_center/prcs_info.php. The manipulation of the argument RUN_ID leads to sql injection. It is possible to launch the attack remotely. The… | ||
| CVE-2024-10656 | Med | 0.41 | 6.3 | 0.01 | Nov 1, 2024 | A vulnerability was found in Tongda OA 2017 up to 11.9. It has been rated as critical. This issue affects some unknown processing of the file /pda/meeting/apply.php. The manipulation of the argument mr_id leads to sql injection. The attack may be initiated remotely. The exploit… | ||
| CVE-2024-10655 | Med | 0.41 | 6.3 | 0.01 | Nov 1, 2024 | A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. This vulnerability affects unknown code of the file /pda/reportshop/new.php. The manipulation of the argument repid leads to sql injection. The attack can be initiated remotely. The exploit… | ||
| CVE-2024-10619 | Med | 0.41 | 6.3 | 0.01 | Nov 1, 2024 | A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /pda/reportshop/next_detail.php. The manipulation of the argument repid leads to sql injection. It is possible to launch the attack remotely.… | ||
| CVE-2024-10618 | Med | 0.41 | 6.3 | 0.01 | Nov 1, 2024 | A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.10. This issue affects some unknown processing of the file /pda/reportshop/record_detail.php. The manipulation of the argument repid leads to sql injection. The attack may be initiated… | ||
| CVE-2024-10617 | Med | 0.41 | 6.3 | 0.01 | Nov 1, 2024 | A vulnerability classified as critical was found in Tongda OA up to 11.10. This vulnerability affects unknown code of the file /pda/workflow/check_seal.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been… | ||
| CVE-2024-10615 | Med | 0.41 | 6.3 | 0.01 | Nov 1, 2024 | A vulnerability was found in Tongda OA 2017 up to 11.10. It has been rated as critical. Affected by this issue is some unknown functionality of the file /general/approve_center/query/list/input_form/delete_data_attach.php. The manipulation of the argument RUN_ID leads to sql… | ||
| CVE-2024-10602 | Med | 0.41 | 6.3 | 0.01 | Nov 1, 2024 | A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this issue is some unknown functionality of the file /general/approve_center/list/input_form/data_picker_link.php. The manipulation of the argument dataSrc leads to sql injection. The… | ||
| CVE-2024-10601 | Med | 0.41 | 6.3 | 0.01 | Oct 31, 2024 | A vulnerability has been found in Tongda OA 2017 up to 11.10 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /general/address/private/address/query/delete.php. The manipulation of the argument where_repeat leads to sql… |
- risk 0.64cvss 9.8epss 0.01
Tongda OA v2017 and up to v11.9 was discovered to contain a SQL injection vulnerability via the $AFF_ID parameter at /affair/delete.php.
- risk 0.64cvss 9.8epss 0.01
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete_query.php via the DELETE_STR parameter.
- risk 0.64cvss 9.8epss 0.01
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in change_box.php via the DELETE_STR parameter.
- risk 0.64cvss 9.8epss 0.01
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete.php via the DELETE_STR parameter.
- risk 0.64cvss 9.8epss 0.01
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter.
- risk 0.64cvss 9.8epss 0.01
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in TONGDA Office Anywhere 10.18.190121. There is a SQL Injection vulnerability via the general/approve_center/list/input_form/work_handle.php run_id parameter.
- risk 0.48cvss 7.3epss 0.06
A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.6. Affected is an unknown function of the file pda/appcenter/submenu.php. The manipulation of the argument appid leads to sql injection. It is possible to launch the attack remotely. The…
- risk 0.48cvss 7.3epss 0.01
A vulnerability classified as critical was found in Tongda OA 2017 11.10. This vulnerability affects unknown code of the file general/system/approve_center/flow_guide/flow_type/set_print/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The attack…
- risk 0.41cvss 6.3epss 0.01
A vulnerability has been found in Tongda OA 2017 up to 11.10 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /module/word_model/view/index.php. The manipulation of the argument query_str leads to sql injection. The attack can be…
- risk 0.41cvss 6.3epss 0.01
A vulnerability, which was classified as critical, was found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/appcenter/check_seal.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit…
- risk 0.41cvss 6.3epss 0.01
A vulnerability classified as critical has been found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/approve_center/prcs_info.php. The manipulation of the argument RUN_ID leads to sql injection. It is possible to launch the attack remotely. The…
- risk 0.41cvss 6.3epss 0.01
A vulnerability was found in Tongda OA 2017 up to 11.9. It has been rated as critical. This issue affects some unknown processing of the file /pda/meeting/apply.php. The manipulation of the argument mr_id leads to sql injection. The attack may be initiated remotely. The exploit…
- risk 0.41cvss 6.3epss 0.01
A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. This vulnerability affects unknown code of the file /pda/reportshop/new.php. The manipulation of the argument repid leads to sql injection. The attack can be initiated remotely. The exploit…
- risk 0.41cvss 6.3epss 0.01
A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /pda/reportshop/next_detail.php. The manipulation of the argument repid leads to sql injection. It is possible to launch the attack remotely.…
- risk 0.41cvss 6.3epss 0.01
A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.10. This issue affects some unknown processing of the file /pda/reportshop/record_detail.php. The manipulation of the argument repid leads to sql injection. The attack may be initiated…
- risk 0.41cvss 6.3epss 0.01
A vulnerability classified as critical was found in Tongda OA up to 11.10. This vulnerability affects unknown code of the file /pda/workflow/check_seal.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been…
- risk 0.41cvss 6.3epss 0.01
A vulnerability was found in Tongda OA 2017 up to 11.10. It has been rated as critical. Affected by this issue is some unknown functionality of the file /general/approve_center/query/list/input_form/delete_data_attach.php. The manipulation of the argument RUN_ID leads to sql…
- risk 0.41cvss 6.3epss 0.01
A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this issue is some unknown functionality of the file /general/approve_center/list/input_form/data_picker_link.php. The manipulation of the argument dataSrc leads to sql injection. The…
- risk 0.41cvss 6.3epss 0.01
A vulnerability has been found in Tongda OA 2017 up to 11.10 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /general/address/private/address/query/delete.php. The manipulation of the argument where_repeat leads to sql…