|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-08-06 | |
| Rule Name: | TDXK Tongda OA V11.10 login.php SQL Injection Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Tongda OA is an enterprise level office automation software that provides functions such as process approval, document management, and collaborative work, aiming to improve the efficiency and management level of enterprise offices. The V11.10 version of login.php has an SQL injection vulnerability, which allows attackers to execute malicious SQL code, which can lead to data leakage, data corruption, service interruption, and even complete control of the database server. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |