漏洞描述
Tongda2000是中国通达(Tongda)公司的一套网络智能办公系统。 Tongda OA 2017 11.10及之前版本存在SQL注入漏洞,该漏洞源于general/wiki/cp/manage/delete.php 存在未知函数,通过参数 TERM_ID_STR 导致 SQL 注入。
通达OA /wiki/cp/manage/delete.php 路径存在SQL注入漏洞
PoC代码
暂无相关漏洞推荐
- POC tongda-action-uploadfile: Tongda OA v2017 action_upload - Arbitrary File Upload
- POC tongda-api-file-upload: Tongda OA v11.8 api.ali.php - Arbitrary File Upload
- POC tongda-auth-bypass: Tongda OA 11.7 - Authentication Bypass
- POC tongda-contact-list-exposure: Tongda OA v2014 Get Contactlistt - Sensitive Information Disclosure
- POC tongda-getdata-rce: Tongda OA v11.9 getadata - Remote Code Execution
- POC tongda-getway-rfi: Tongda OA v11.8 getway.php - Remote File Inclution
- POC tongda-insert-sqli: Tongda OA v11.6 Insert Parameter - SQL Injection
- POC tongda-login-code-authbypass: Tongda OA v11.8 logincheck_code.php - Authentication Bypass
- POC tongda-meeting-unauth: Tongda OA Meeting - Unauthorized Access
- POC tongda-report-func-sqli: Tongda OA v11.6 report_bi.func.php - SQL injection
- POC tongda-video-file-read: Tongda OA V2017 Video File - Arbitrary File Read
- POC tongdaoa-auth-bypass: Tongda OA - Authentication Bypass
- 通达OA /get_columns.php SQL 注入漏洞