CVE-2026-9465

A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/GetDBDataEx.jsp. Performing a manipulation of the argument strTBName results in sql injection. Remote exploitation of the attack is possible...

CVE-2026-9466

A vulnerability was determined in Tiandy Easy7 Integrated Management Platform 7.17.0. This issue affects some unknown processing of the file /rest/user/updateUserPassword of the component API Endpoint. Executing a manipulation can lead to weak password recovery. The attack can be executed remotel...

EUVD-2026-31695

A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/GetDBDataEx.jsp. Performing a manipulation of the argument strTBName results in sql injection. Remote exploitation of the attack is possible...

Tiandy Easy7 Integrated Management Platform 授权问题漏洞

Tiandy Easy7 Integrated Management Platform is a video surveillance integrated management platform from Tiandy, China. An authorization issue vulnerability exists in Tiandy Easy7 Integrated Management Platform version 7.17.0, which originates from the handling of the file...

CVE-2026-7698 Tiandy Easy7 Integrated Management Platform updateDbBackupInfo os command injection

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation of the argument week leads to os command injection. The attack can be executed...

CVE-2026-4187

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing authentication. The...

CVE-2026-4220

A vulnerability has been found in Technologies Integrated Management Platform 7.17.0. Affected by this issue is some unknown functionality of the file /SetWebpagePic.jsp. The manipulation of the argument targetPath/Suffix leads to unrestricted upload. The attack may be initiated remotely. The...

EUVD-2026-12381

A vulnerability was determined in Tiandy Integrated Management Platform 7.17.0. Affected by this issue is some unknown functionality of the file /rest/user/getAuthorityByUserId. Executing a manipulation of the argument userId can lead to sql injection. The attack may be launched remotely. The...

EUVD-2026-12245

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing authentication. The...

CVE-2026-4221

A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This affects an unknown part of the file /rest/file/uploadLedImage of the component Endpoint. The manipulation of the argument File results in unrestricted upload. The attack may be launched remotely. The exploit has...

CVE-2026-4221

A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This affects an unknown part of the file /rest/file/uploadLedImage of the component Endpoint. The manipulation of the argument File results in unrestricted upload. The attack may be launched remotely. The exploit has...

CVE-2026-4221

Tiandy Easy7 Integrated Management Platform 7.17.0 is affected by an unrestricted upload vulnerability in the Endpoint component via /rest/file/uploadLedImage. The issue allows remote exploitation with no authentication when uploading a File argument, potentially enabling arbitrary file upload. P...

CVE-2026-4220

CVE-2026-4220 affects Technologies Integrated Management Platform 7.17.0, with the flaw located in SetWebpagePic.jsp. The issue arises from manipulation of the targetPath/Suffix argument, resulting in unrestricted upload. The vulnerability is exploitable over a network with no user interaction, a...

PT-2026-25663

Name of the Vulnerable Software and Affected Versions Tiandy Integrated Management Platform version 7.17.0 Description A flaw exists in Tiandy Integrated Management Platform 7.17.0 that could allow for SQL injection. The issue is related to an unknown functionality within the file...

CVE-2026-4187 Tiandy Easy7 Integrated Management Platform Device Identifier UpdateLocalDevInfo.jsp missing authentication

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing authentication. The...

CVE-2026-4187

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing authentication. The...

CVE-2026-4187

Tiandy Easy7 Integrated Management Platform 7.17.0 is affected by CVE-2026-4187, specifically an issue in the Device Identifier Handler’s /WebService/UpdateLocalDevInfo.jsp. The vulnerability arises from improper handling of the username/password arguments, enabling manipulation that leads to mis...

PT-2026-25561

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing authentication. The...

Dahua Smart Park Integrated Management Platform 安全漏洞

Dahua Smart Park Integrated Management Platform is a park management platform from Dahua China. A security vulnerability exists in Dahua Smart Park Integrated Management Platform that originates from path traversal and could lead to remote code execution...

CVE-2025-4536

A vulnerability has been found in Gosuncn Technology Group Audio-Visual Integrated Management Platform 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /sysmgr/user/listByPage. The manipulation leads to information disclosure. The attack can b...