Vulnerability Details CVE-2023-5023
A vulnerability was found in Tongda OA 2017 and classified as critical. Affected by this issue is some unknown functionality of the file general/hr/manage/staff_relatives/delete.php. The manipulation of the argument RELATIVES_ID leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239864.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.3%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 5.2
References
Products affected by CVE-2023-5023
-
cpe:2.3:a:tongda2000:tongda_office_anywhere:2017