Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tongda — Vulnerabilities & Security Advisories 53

Browse all 53 CVE security advisories affecting Tongda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tongda is a prominent provider of office automation and enterprise collaboration software, primarily serving large organizations in China with integrated platforms for workflow management, document control, and communication. Historically, its products have been plagued by a significant volume of security flaws, currently totaling 53 recorded CVEs. These vulnerabilities predominantly involve remote code execution, cross-site scripting, and authentication bypasses, often stemming from insecure deserialization and weak input validation in legacy modules. Notable incidents include widespread exploitation of unauthenticated remote code execution flaws that allowed attackers to gain full system control, leading to massive data breaches and ransomware deployments across numerous enterprises. The high frequency of critical severity ratings underscores persistent issues in code quality and patch management, making the software a frequent target for automated scanning tools and state-sponsored threat actors seeking initial access points within corporate networks.

Top products by Tongda: OA 2017 OA
CVE IDTitleCVSSSeverityPublished
CVE-2023-6276 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 6.3 Medium2023-11-24
CVE-2023-6084 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 6.3 Medium2023-11-12
CVE-2023-6054 Tongda OA 2017 lock.php sql injection — OA 2017CWE-89 5.5 Medium2023-11-09
CVE-2023-6053 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 6.3 Medium2023-11-09
CVE-2023-6052 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 6.3 Medium2023-11-09
CVE-2023-5783 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 6.3 Medium2023-10-26
CVE-2023-5782 Tongda OA 2017 General News delete_query.php sql injection — OA 2017CWE-89 5.5 Medium2023-10-26
CVE-2023-5781 Tongda OA 2017 delete_webmail.php DELETE_STR sql injection — OA 2017CWE-89 6.3 Medium2023-10-26
CVE-2023-5780 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 7.3 High2023-10-26
CVE-2023-5682 Tongda OA delete.php sql injection — OACWE-89 5.5 Medium2023-10-20
CVE-2023-5497 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 6.3 Medium2023-10-10
CVE-2023-5298 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 5.5 Medium2023-09-30
CVE-2023-5285 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 6.3 Medium2023-09-29
CVE-2023-5267 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 5.5 Medium2023-09-29
CVE-2023-5265 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 5.5 Medium2023-09-29
CVE-2023-5261 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 5.5 Medium2023-09-29
CVE-2023-5030 Tongda OA delete.php sql injection — OACWE-89 5.5 Medium2023-09-17
CVE-2023-5026 Tongda OA cross site scripting — OACWE-79 3.5 Low2023-09-17
CVE-2023-5023 Tongda OA delete.php sql injection — OACWE-89 5.5 Medium2023-09-17
CVE-2023-5019 Tongda OA delete.php sql injection — OACWE-89 6.3 Medium2023-09-17
CVE-2023-4166 Tongda OA delete_log.php sql injection — OACWE-89 5.5 Medium2023-08-05
CVE-2023-4165 Tongda OA delete_seal.php sql injection — OACWE-89 5.5 Medium2023-08-05
CVE-2023-2738 Tongda OA GatewayController.php actionGetdata unrestricted upload — OACWE-434 6.3 Medium2023-05-16

This page lists every published CVE security advisory associated with Tongda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.