CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-5298

A vulnerability was found in Tongda OA 2017. It has been rated as critical. Affected by this issue is some unknown functionality of the file general/hr/recruit/requirements/delete.php. The manipulation of the argument REQUIREMENTS_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-240938 is the identifier assigned to this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.2%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 5.2

References

https://github.com/szh0105/cve/blob/main/sql.md
https://vuldb.com/?ctiid.240938
https://vuldb.com/?id.240938
https://github.com/szh0105/cve/blob/main/sql.md
https://vuldb.com/?ctiid.240938
https://vuldb.com/?id.240938

Products affected by CVE-2023-5298

Tongda2000 » Tongda Office Anywhere » Version: Any

cpe:2.3:a:tongda2000:tongda_office_anywhere:*
Tongda2000 » Tongda Office Anywhere » Version: 2017

cpe:2.3:a:tongda2000:tongda_office_anywhere:2017

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5298

Products

Pricing

Contact Us