CVE-2024-25320 Information

Description

Tongda OA v2017 and up to v11.9 was discovered to contain a SQL injection vulnerability via the $AFF_ID parameter at /affair/delete.php.

Reference

https://github.com/cqliuke/cve/blob/main/sql.md