Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tongda — Vulnerabilities & Security Advisories 53

Browse all 53 CVE security advisories affecting Tongda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tongda is a prominent provider of office automation and enterprise collaboration software, primarily serving large organizations in China with integrated platforms for workflow management, document control, and communication. Historically, its products have been plagued by a significant volume of security flaws, currently totaling 53 recorded CVEs. These vulnerabilities predominantly involve remote code execution, cross-site scripting, and authentication bypasses, often stemming from insecure deserialization and weak input validation in legacy modules. Notable incidents include widespread exploitation of unauthenticated remote code execution flaws that allowed attackers to gain full system control, leading to massive data breaches and ransomware deployments across numerous enterprises. The high frequency of critical severity ratings underscores persistent issues in code quality and patch management, making the software a frequent target for automated scanning tools and state-sponsored threat actors seeking initial access points within corporate networks.

Found 16 results / 53Clear Filters
Top products by Tongda: OA 2017 OA
CVE IDTitleCVSSSeverityPublished
CVE-2024-10731 Tongda OA check_seal.php sql injection — OACWE-89 6.3 Medium2024-11-03
CVE-2024-10730 Tongda OA web_show.php sql injection — OACWE-89 6.3 Medium2024-11-03
CVE-2024-10658 Tongda OA check_seal.php sql injection — OACWE-89 6.3 Medium2024-11-01
CVE-2024-10657 Tongda OA prcs_info.php sql injection — OACWE-89 6.3 Medium2024-11-01
CVE-2024-10617 Tongda OA check_seal.php sql injection — OACWE-89 6.3 Medium2024-11-01
CVE-2024-10616 Tongda OA webSignSubmit.php sql injection — OACWE-89 6.3 Medium2024-11-01
CVE-2024-10598 Tongda OA Annual Leave data.php improper authorization — OACWE-285 5.3 Medium2024-10-31
CVE-2024-4903 Tongda OA delete.php sql injection — OACWE-89 6.3 Medium2024-05-15
CVE-2023-5682 Tongda OA delete.php sql injection — OACWE-89 5.5 Medium2023-10-20
CVE-2023-5030 Tongda OA delete.php sql injection — OACWE-89 5.5 Medium2023-09-17
CVE-2023-5026 Tongda OA cross site scripting — OACWE-79 3.5 Low2023-09-17
CVE-2023-5023 Tongda OA delete.php sql injection — OACWE-89 5.5 Medium2023-09-17
CVE-2023-5019 Tongda OA delete.php sql injection — OACWE-89 6.3 Medium2023-09-17
CVE-2023-4166 Tongda OA delete_log.php sql injection — OACWE-89 5.5 Medium2023-08-05
CVE-2023-4165 Tongda OA delete_seal.php sql injection — OACWE-89 5.5 Medium2023-08-05
CVE-2023-2738 Tongda OA GatewayController.php actionGetdata unrestricted upload — OACWE-434 6.3 Medium2023-05-16

This page lists every published CVE security advisory associated with Tongda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.