Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tongda — Vulnerabilities & Security Advisories 53

Browse all 53 CVE security advisories affecting Tongda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tongda is a prominent provider of office automation and enterprise collaboration software, primarily serving large organizations in China with integrated platforms for workflow management, document control, and communication. Historically, its products have been plagued by a significant volume of security flaws, currently totaling 53 recorded CVEs. These vulnerabilities predominantly involve remote code execution, cross-site scripting, and authentication bypasses, often stemming from insecure deserialization and weak input validation in legacy modules. Notable incidents include widespread exploitation of unauthenticated remote code execution flaws that allowed attackers to gain full system control, leading to massive data breaches and ransomware deployments across numerous enterprises. The high frequency of critical severity ratings underscores persistent issues in code quality and patch management, making the software a frequent target for automated scanning tools and state-sponsored threat actors seeking initial access points within corporate networks.

Top products by Tongda: OA 2017 OA
CVE IDTitleCVSSSeverityPublished
CVE-2024-10732 Tongda OA 2017 index.php sql injection — OA 2017CWE-89 6.3 Medium2024-11-03
CVE-2024-10731 Tongda OA check_seal.php sql injection — OACWE-89 6.3 Medium2024-11-03
CVE-2024-10730 Tongda OA web_show.php sql injection — OACWE-89 6.3 Medium2024-11-03
CVE-2024-10658 Tongda OA check_seal.php sql injection — OACWE-89 6.3 Medium2024-11-01
CVE-2024-10657 Tongda OA prcs_info.php sql injection — OACWE-89 6.3 Medium2024-11-01
CVE-2024-10656 Tongda OA 2017 apply.php sql injection — OA 2017CWE-89 6.3 Medium2024-11-01
CVE-2024-10655 Tongda OA 2017 new.php sql injection — OA 2017CWE-89 6.3 Medium2024-11-01
CVE-2024-10619 Tongda OA 2017 next_detail.php sql injection — OA 2017CWE-89 6.3 Medium2024-11-01
CVE-2024-10618 Tongda OA 2017 record_detail.php sql injection — OA 2017CWE-89 6.3 Medium2024-11-01
CVE-2024-10617 Tongda OA check_seal.php sql injection — OACWE-89 6.3 Medium2024-11-01
CVE-2024-10616 Tongda OA webSignSubmit.php sql injection — OACWE-89 6.3 Medium2024-11-01
CVE-2024-10615 Tongda OA 2017 delete_data_attach.php sql injection — OA 2017CWE-89 6.3 Medium2024-11-01
CVE-2024-10602 Tongda OA 2017 data_picker_link.php sql injection — OA 2017CWE-89 6.3 Medium2024-10-31
CVE-2024-10601 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 6.3 Medium2024-10-31
CVE-2024-10600 Tongda OA 2017 submenu.php sql injection — OA 2017CWE-89 7.3 High2024-10-31
CVE-2024-10599 Tongda OA 2017 package_static_resources.php resource consumption — OA 2017CWE-400 5.3 Medium2024-10-31
CVE-2024-10598 Tongda OA Annual Leave data.php improper authorization — OACWE-285 5.3 Medium2024-10-31
CVE-2024-4903 Tongda OA delete.php sql injection — OACWE-89 6.3 Medium2024-05-15
CVE-2024-1252 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 5.5 Medium2024-02-06
CVE-2024-1251 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 5.5 Medium2024-02-06
CVE-2024-0938 Tongda OA 2017 delete_webmail.php sql injection — OA 2017CWE-89 5.5 Medium2024-01-26
CVE-2023-7180 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 5.5 Medium2023-12-30
CVE-2023-7023 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 6.3 Medium2023-12-21
CVE-2023-7022 Tongda OA 2017 delete_all.php sql injection — OA 2017CWE-89 6.3 Medium2023-12-21
CVE-2023-7021 Tongda OA 2017 delete_search.php sql injection — OA 2017CWE-89 6.3 Medium2023-12-21
CVE-2023-7020 Tongda OA 2017 view.php sql injection — OA 2017CWE-89 6.3 Medium2023-12-21
CVE-2023-6885 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 5.5 Medium2023-12-16
CVE-2023-6611 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 5.5 Medium2023-12-08
CVE-2023-6608 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 5.5 Medium2023-12-08
CVE-2023-6607 Tongda OA 2017 delete.php sql injection — OA 2017CWE-89 5.5 Medium2023-12-08

This page lists every published CVE security advisory associated with Tongda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.