CVE-2019-9759: SQL Injection
First published: Tue Apr 02 2019(Updated: )
An issue was discovered in TONGDA Office Anywhere 10.18.190121. There is a SQL Injection vulnerability via the general/approve_center/list/input_form/work_handle.php run_id parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tongda2000 Office Anywhere | =10.18.190121 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-9759.
What is the severity of CVE-2019-9759?
The severity of CVE-2019-9759 is critical with a severity value of 9.8.
What is the affected software?
The affected software is Tongda2000 Office Anywhere version 10.18.190121.
How can this vulnerability be exploited?
This vulnerability can be exploited through the general/approve_center/list/input_form/work_handle.php run_id parameter.
Is there a fix available for this vulnerability?
It is recommended to apply the latest security patch or update provided by the vendor to fix this vulnerability.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/tongda2000
- canonical/tongda2000 office anywhere
- version/tongda2000 office anywhere/10.18.190121