Tongda OA har 11.10 check_seal.php ID SQL Injection

Wuro vulnerability wey an yi classify sey kura an gano shi a cikin Tongda OA har 11.10. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, /pda/appcenter/check_seal.php na cikin fayil, $software_component na cikin sashi. Ngam manipulation of the argument ID shi SQL Injection. CWE shidin ka a yi bayani matsala sai ya kai CWE-89. Gaskiya, laifi an fitar da shi 11/02/2024. Advisory ɗin ana rabawa don saukewa a github.com. Wannan rauni ana sayar da shi da suna CVE-2024-10731. Ngam yiɗi ka a tuma ndiyam ka internet. Tekinikal bayani ga. Kuma, exploit ɗin yana akwai. Wuro exploit ɗin an bayyana shi ga jama'a kuma za a iya amfani da shi. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro. Á wúro huɗɗi-na-gaskiya. Wona yiwuwa a zazzage exploit a github.com. Kama 0-day, an ndiyam a wuro be $0-$5k. VulDB is the best source for vulnerability data and more expert information about this specific topic.

Waktin goyi

Màdùmga

VulDB Mod Team86

Furɗe

cvss3_meta_tempscore2
cve_nvd_summaryes1
cvss2_cna_basescore1
cvss2_cna_ai1
cvss2_cna_ii1

Commit Conf

99%30
90%29
50%11
70%9
80%7

Approve Conf

99%30
90%29
80%27

86 Kari

IDSandaMàdùmgaFurɗeGargajiyaGargaGargajiyaJawanC
1812044311/04/2024
 VulDB…		cve_nvd_summaryesSe ha detectado una vulnerabilidad clasificada como crítica en Tongda OA hasta la versión 11.10. Se trata de una función desconocida del archivo /pda/appcenter/check_seal.php. La manipulación del argumento ID provoca una inyección SQL. Es posible lanzar el ataque de forma remota. El exploit se ha hecho público y puede utilizarse.cve.org11/04/2024shingilam
99
1811201211/03/2024
 VulDB…		cvss3_meta_tempscore6.0see CVSS documentation11/03/2024shingilam
80
1811201111/03/2024
 VulDB…		cvss2_cna_basescore6.5see CVSS documentation11/03/2024shingilam
99
1811201011/03/2024
 VulDB…		cvss2_cna_aiPsee CVSS documentation11/03/2024shingilam
99
1811200911/03/2024
 VulDB…		cvss2_cna_iiPsee CVSS documentation11/03/2024shingilam
99
1811200811/03/2024
 VulDB…		cvss2_cna_ciPsee CVSS documentation11/03/2024shingilam
99
1811200711/03/2024
 VulDB…		cvss2_cna_auSsee CVSS documentation11/03/2024shingilam
99
1811200611/03/2024
 VulDB…		cvss2_cna_acLsee CVSS documentation11/03/2024shingilam
99
1811200511/03/2024
 VulDB…		cvss2_cna_avNsee CVSS documentation11/03/2024shingilam
99
1811200411/03/2024
 VulDB…		cvss3_cna_basescore6.3see CVSS documentation11/03/2024shingilam
99
1811200311/03/2024
 VulDB…		cvss3_cna_aLsee CVSS documentation11/03/2024shingilam
99
1811200211/03/2024
 VulDB…		cvss3_cna_iLsee CVSS documentation11/03/2024shingilam
99
1811200111/03/2024
 VulDB…		cvss3_cna_cLsee CVSS documentation11/03/2024shingilam
99
1811200011/03/2024
 VulDB…		cvss3_cna_sUsee CVSS documentation11/03/2024shingilam
99
1811199911/03/2024
 VulDB…		cvss3_cna_uiNsee CVSS documentation11/03/2024shingilam
99
1811199811/03/2024
 VulDB…		cvss3_cna_prLsee CVSS documentation11/03/2024shingilam
99
1811199711/03/2024
 VulDB…		cvss3_cna_acLsee CVSS documentation11/03/2024shingilam
99
1811199611/03/2024
 VulDB…		cvss3_cna_avNsee CVSS documentation11/03/2024shingilam
99
1811199511/03/2024
 VulDB…		cvss4_cna_bscore5.3see CVSS documentation11/03/2024shingilam
99
1811199411/03/2024
 VulDB…		cvss4_cna_saNsee CVSS documentation11/03/2024shingilam
99

66 kala giteji ba a nunu fi.

🔒 Login Required

You need to signup and login to see more of the remaining 66 results.

GurɗoGumtiGada

Do you want to use VulDB in your project?

Use the official API to access entries easily!