CVSS 3.1 Score 5.5 of 10 (medium)


Published Nov 9, 2023
Updated: Apr 11, 2024


CVE-2023-6054 is a critical vulnerability found in Tongda OA 2017 up to version 11.9. It affects an unknown part of the file general/wiki/cp/manage/lock.php and can be exploited through SQL injection by manipulating the argument TERM_ID_STR. The vulnerability has been publicly disclosed, and upgrading to version 11.10 is recommended to address the issue. The associated vulnerability identifier is VDB-244875. The vendor was contacted about this disclosure but did not respond. This vulnerability poses a potential danger to organizations using Tongda OA 2017 up to version 11.9, as it could be exploited by attackers to gain unauthorized access or manipulate data within the affected system.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-6054 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options