Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in change_box.php via the DELETE_STR parameter.Referenceshttps://github.com/dota-st/Vulnerability/blob/master/tongdaOA/V11.10_sql_1.md
