Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-5497 | 1 Tongda2000 | 1 Office Anywhere | 2024-05-17 | 6.5 MEDIUM | 8.8 HIGH |
A vulnerability classified as critical has been found in Tongda OA 2017 11.10. Affected is an unknown function of the file general/hr/salary/welfare_manage/delete.php. The manipulation of the argument WELFARE_ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-241650 is the identifier assigned to this vulnerability. | |||||
CVE-2019-9759 | 1 Tongda2000 | 1 Office Anywhere | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in TONGDA Office Anywhere 10.18.190121. There is a SQL Injection vulnerability via the general/approve_center/list/input_form/work_handle.php run_id parameter. |