Lucene search
+L

5 matches found

CVE
CVE
added 2026/05/25 2:15 p.m.32 views

CVE-2026-9465

CVE-2026-9465 affects Tiandy Easy7 Integrated Management Platform 7.17.0. The vulnerability is in unknown code of /Easy7/apps/WebService/GetDBDataEx.jsp, where manipulating the argument strTBName results in SQL injection. Remote exploitation is possible and the exploit has been made public. The v...

7.5CVSS6.8AI score0.00319EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/03 1:30 p.m.8 views

CVE-2026-7698 Tiandy Easy7 Integrated Management Platform updateDbBackupInfo os command injection

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation of the argument week leads to os command injection. The attack can be executed...

7.5CVSS6.9AI score0.01655EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.11 views

PT-2026-27111

A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of the component Configuration Handler. The manipulation of the argument File leads to os command...

10CVSS6.8AI score0.03312EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/17 12:2 a.m.2 views

CVE-2026-4288

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...

7.5CVSS5.8AI score0.00254EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.9 views

PT-2026-25831

A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The affected element is an unknown function of the file /rest/devStatus/queryResources of the component Endpoint. Performing a manipulation of the argument areaId results in sql injection. The attack can be...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
Rows per page
Query Builder