VYPR

Vendor CVEs

Tongda

All CVEs

53 total · sorted by risk
  • CVE-2024-25320CriFeb 16, 2024
    risk 0.64cvss 9.8epss 0.01

    Tongda OA v2017 and up to v11.9 was discovered to contain a SQL injection vulnerability via the $AFF_ID parameter at /affair/delete.php.

  • CVE-2022-25406CriFeb 24, 2022
    risk 0.64cvss 9.8epss 0.01

    Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete_query.php via the DELETE_STR parameter.

  • CVE-2022-25405CriFeb 24, 2022
    risk 0.64cvss 9.8epss 0.01

    Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in change_box.php via the DELETE_STR parameter.

  • CVE-2022-25404CriFeb 24, 2022
    risk 0.64cvss 9.8epss 0.01

    Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete.php via the DELETE_STR parameter.

  • CVE-2022-24206CriFeb 14, 2022
    risk 0.64cvss 9.8epss 0.01

    Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter.

  • CVE-2022-23902CriFeb 14, 2022
    risk 0.64cvss 9.8epss 0.01

    Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter.

  • CVE-2019-9759CriApr 2, 2019
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in TONGDA Office Anywhere 10.18.190121. There is a SQL Injection vulnerability via the general/approve_center/list/input_form/work_handle.php run_id parameter.

  • CVE-2024-10600HigOct 31, 2024
    risk 0.48cvss 7.3epss 0.06

    A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.6. Affected is an unknown function of the file pda/appcenter/submenu.php. The manipulation of the argument appid leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2023-5780HigOct 26, 2023
    risk 0.48cvss 7.3epss 0.01

    A vulnerability classified as critical was found in Tongda OA 2017 11.10. This vulnerability affects unknown code of the file general/system/approve_center/flow_guide/flow_type/set_print/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The attack…

  • CVE-2024-10732MedNov 3, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability has been found in Tongda OA 2017 up to 11.10 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /module/word_model/view/index.php. The manipulation of the argument query_str leads to sql injection. The attack can be…

  • CVE-2024-10731MedNov 3, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability, which was classified as critical, was found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/appcenter/check_seal.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit…

  • CVE-2024-10657MedNov 1, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability classified as critical has been found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/approve_center/prcs_info.php. The manipulation of the argument RUN_ID leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2024-10656MedNov 1, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in Tongda OA 2017 up to 11.9. It has been rated as critical. This issue affects some unknown processing of the file /pda/meeting/apply.php. The manipulation of the argument mr_id leads to sql injection. The attack may be initiated remotely. The exploit…

  • CVE-2024-10655MedNov 1, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. This vulnerability affects unknown code of the file /pda/reportshop/new.php. The manipulation of the argument repid leads to sql injection. The attack can be initiated remotely. The exploit…

  • CVE-2024-10619MedNov 1, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /pda/reportshop/next_detail.php. The manipulation of the argument repid leads to sql injection. It is possible to launch the attack remotely.…

  • CVE-2024-10618MedNov 1, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.10. This issue affects some unknown processing of the file /pda/reportshop/record_detail.php. The manipulation of the argument repid leads to sql injection. The attack may be initiated…

  • CVE-2024-10617MedNov 1, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability classified as critical was found in Tongda OA up to 11.10. This vulnerability affects unknown code of the file /pda/workflow/check_seal.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been…

  • CVE-2024-10615MedNov 1, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in Tongda OA 2017 up to 11.10. It has been rated as critical. Affected by this issue is some unknown functionality of the file /general/approve_center/query/list/input_form/delete_data_attach.php. The manipulation of the argument RUN_ID leads to sql…

  • CVE-2024-10602MedNov 1, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this issue is some unknown functionality of the file /general/approve_center/list/input_form/data_picker_link.php. The manipulation of the argument dataSrc leads to sql injection. The…

  • CVE-2024-10601MedOct 31, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability has been found in Tongda OA 2017 up to 11.10 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /general/address/private/address/query/delete.php. The manipulation of the argument where_repeat leads to sql…

  • CVE-2023-7023MedDec 21, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in Tongda OA 2017 up to 11.9. It has been rated as critical. Affected by this issue is some unknown functionality of the file general/vehicle/query/delete.php. The manipulation of the argument VU_ID leads to sql injection. The attack may be launched…

  • CVE-2023-7022MedDec 21, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file general/work_plan/manage/delete_all.php. The manipulation of the argument DELETE_STR leads to sql injection. The…

  • CVE-2023-7021MedDec 21, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in Tongda OA 2017 up to 11.9. It has been classified as critical. Affected is an unknown function of the file general/vehicle/checkup/delete_search.php. The manipulation of the argument VU_ID leads to sql injection. It is possible to launch the attack…

  • CVE-2023-7020MedDec 21, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. This issue affects some unknown processing of the file general/wiki/cp/ct/view.php. The manipulation of the argument TEMP_ID leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2023-6276MedNov 24, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file general/wiki/cp/ct/delete.php. The manipulation of the argument PROJ_ID_STR leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2023-6084MedNov 12, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this issue is some unknown functionality of the file general/vehicle/checkup/delete.php. The manipulation of the argument VU_ID leads to sql injection. The exploit has been disclosed…

  • CVE-2023-6053MedNov 9, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.9. Affected by this issue is some unknown functionality of the file general/system/censor_words/manage/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The…

  • CVE-2023-6052MedNov 9, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. Affected is an unknown function of the file general/system/censor_words/module/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to…

  • CVE-2023-5783MedOct 26, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability has been found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this vulnerability is an unknown functionality of the file general/system/approve_center/flow_sort/flow/delete.php. The manipulation of the argument id/sort_parent leads to sql…

  • CVE-2023-5781MedOct 26, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability, which was classified as critical, has been found in Tongda OA 2017 11.10. This issue affects the function DELETE_STR of the file general/system/res_manage/monitor/delete_webmail.php. The manipulation leads to sql injection. The attack may be initiated remotely.…

  • CVE-2023-5497MedOct 10, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability classified as critical has been found in Tongda OA 2017 11.10. Affected is an unknown function of the file general/hr/salary/welfare_manage/delete.php. The manipulation of the argument WELFARE_ID leads to sql injection. It is possible to launch the attack…

  • CVE-2023-5285MedSep 29, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability classified as critical was found in Tongda OA 2017. Affected by this vulnerability is an unknown functionality of the file general/hr/recruit/recruitment/delete.php. The manipulation of the argument RECRUITMENT_ID leads to sql injection. The attack can be…

  • CVE-2023-5019MedSep 17, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability classified as critical was found in Tongda OA. This vulnerability affects unknown code of the file general/hr/manage/staff_reinstatement/delete.php. The manipulation of the argument REINSTATEMENT_ID leads to sql injection. The attack can be initiated remotely.…

  • CVE-2023-2738MedMay 16, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability classified as critical has been found in Tongda OA 11.10. This affects the function actionGetdata of the file GatewayController.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to…

  • CVE-2024-1252MedFeb 6, 2024
    risk 0.36cvss 5.5epss 0.01

    A vulnerability classified as critical was found in Tongda OA 2017 up to 11.9. Affected by this vulnerability is an unknown functionality of the file /general/attendance/manage/ask_duty/delete.php. The manipulation of the argument ASK_DUTY_ID leads to sql injection. The exploit…

  • CVE-2024-1251MedFeb 6, 2024
    risk 0.36cvss 5.5epss 0.01

    A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /general/email/outbox/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and…

  • CVE-2024-0938MedJan 26, 2024
    risk 0.36cvss 5.5epss 0.01

    A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file /general/email/inbox/delete_webmail.php. The manipulation of the argument WEBBODY_ID_STR leads to sql injection. The exploit has been disclosed to…

  • CVE-2023-7180MedDec 30, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability has been found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this vulnerability is an unknown functionality of the file general/project/proj/delete.php. The manipulation of the argument PROJ_ID_STR leads to sql injection. The exploit has…

  • CVE-2023-6885MedDec 16, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability was found in Tongda OA 2017 up to 11.10. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file general/vote/manage/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has…

  • CVE-2023-6611MedDec 8, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. This vulnerability affects unknown code of the file pda/pad/email/delete.php. The manipulation of the argument EMAIL_ID leads to sql injection. The exploit has been disclosed to the public…

  • CVE-2023-6608MedDec 8, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this issue is some unknown functionality of the file general/notify/manage/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been…

  • CVE-2023-6607MedDec 8, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability has been found in Tongda OA 2017 up to 11.10 and classified as critical. Affected by this vulnerability is an unknown functionality of the file general/wiki/cp/manage/delete.php. The manipulation of the argument TERM_ID_STR leads to sql injection. The exploit has…

  • CVE-2023-6054MedNov 9, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file general/wiki/cp/manage/lock.php. The manipulation of the argument TERM_ID_STR leads to sql injection. The exploit has been disclosed to the public…

  • CVE-2023-5782MedOct 26, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /manage/delete_query.php of the component General News. The manipulation of the argument NEWS_ID leads to sql injection. The exploit has been…

  • CVE-2023-5682MedOct 20, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/training/record/delete.php. The manipulation of the argument RECORD_ID leads to sql injection. The exploit has been disclosed to the public…

  • CVE-2023-5298MedSep 30, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability was found in Tongda OA 2017. It has been rated as critical. Affected by this issue is some unknown functionality of the file general/hr/recruit/requirements/delete.php. The manipulation of the argument REQUIREMENTS_ID leads to sql injection. The exploit has been…

  • CVE-2023-5267MedSep 29, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/hr_pool/delete.php. The manipulation of the argument EXPERT_ID leads to sql injection. The exploit has been disclosed to the public…

  • CVE-2023-5265MedSep 29, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability, which was classified as critical, has been found in Tongda OA 2017. Affected by this issue is some unknown functionality of the file general/hr/manage/staff_transfer/delete.php. The manipulation of the argument TRANSFER_ID leads to sql injection. The exploit has…

  • CVE-2023-5261MedSep 29, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability, which was classified as critical, was found in Tongda OA 2017. Affected is an unknown function of the file general/hr/manage/staff_title_evaluation/delete.php. The manipulation of the argument EVALUATION_ID leads to sql injection. The exploit has been disclosed…

  • CVE-2023-5023MedSep 17, 2023
    risk 0.36cvss 5.5epss 0.01

    A vulnerability was found in Tongda OA 2017 and classified as critical. Affected by this issue is some unknown functionality of the file general/hr/manage/staff_relatives/delete.php. The manipulation of the argument RELATIVES_ID leads to sql injection. The exploit has been…

Page 1 of 2