Lucene search
K

132 matches found

Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.10 views

PT-2026-27111

A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of the component Configuration Handler. The manipulation of the argument File leads to os command...

10CVSS6.8AI score0.03312EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/17 12:31 a.m.4 views

EUVD-2026-12529

A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The affected element is an unknown function of the file /rest/devStatus/queryResources of the component Endpoint. Performing a manipulation of the argument areaId results in sql injection. The attack can be...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/17 12:31 a.m.11 views

EUVD-2026-12530

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
NVD
NVD
added 2026/03/17 12:16 a.m.5 views

CVE-2026-4287

A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The affected element is an unknown function of the file /rest/devStatus/queryResources of the component Endpoint. Performing a manipulation of the argument areaId results in sql injection. The attack can be...

7.5CVSS0.00254EPSS
Exploits0References4
NVD
NVD
added 2026/03/17 12:16 a.m.4 views

CVE-2026-4288

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...

7.5CVSS0.00254EPSS
Exploits0References4
NVD
NVD
added 2026/03/17 12:16 a.m.4 views

CVE-2026-4289

A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...

7.5CVSS0.00254EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/17 12:3 a.m.2 views

CVE-2026-4289 Tiandy Easy7 Integrated Management Platform getRecByTemplateId sql injection

A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...

7.5CVSS5.6AI score0.00254EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/17 12:3 a.m.37 views

CVE-2026-4289 Tiandy Easy7 Integrated Management Platform getRecByTemplateId sql injection

A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...

7.5CVSS0.00254EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/17 12:3 a.m.3 views

CVE-2026-4289

A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...

7.5CVSS5.6AI score0.00254EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/03/17 12:3 a.m.15 views

CVE-2026-4289

Summary: CVE-2026-4289 affects Tiandy Easy7 Integrated Management Platform (up to v7.17.0). The vulnerability lies in the function at /rest/preSetTemplate/getRecByTemplateId where manipulating the ID parameter leads to a SQL injection. This can potentially be exploited remotely, and the exploit h...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/17 12:2 a.m.6 views

CVE-2026-4288 Tiandy Easy7 Integrated Management Platform Endpoint getDevDetailedInfo sql injection

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...

7.5CVSS5.8AI score0.00254EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/17 12:2 a.m.40 views

CVE-2026-4288 Tiandy Easy7 Integrated Management Platform Endpoint getDevDetailedInfo sql injection

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...

7.5CVSS0.00254EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/17 12:2 a.m.2 views

CVE-2026-4288

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...

7.5CVSS5.8AI score0.00254EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/03/17 12:2 a.m.14 views

CVE-2026-4288

CVE-2026-4288 affects Tiandy Easy7 Integrated Management Platform 7.17.0. The vulnerability is an SQL injection in an unknown function of the Endpoint component, triggered by manipulating the argument ID in /rest/devStatus/getDevDetailedInfo. Access is remote and exploitation is publicly availabl...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/17 12:0 a.m.7 views

Tiandy Easy7 Integrated Management Platform SQL注入漏洞

Tiandy Easy7 Integrated Management Platform is a comprehensive video surveillance management platform developed by Tiandy Company in China. Versions of Tiandy Easy7 Integrated Management Platform prior to 7.17.0 have a SQL injection vulnerability. This vulnerability arises from incorrect handling...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/17 12:0 a.m.9 views

Tiandy Easy7 Integrated Management Platform SQL注入漏洞

Tiandy Easy7 Integrated Management Platform is a comprehensive video surveillance management platform developed by Tiandy Company in China. The version 7.17.0 of Tiandy Easy7 Integrated Management Platform contains a SQL injection vulnerability. This vulnerability arises from incorrect handling o...

7.5CVSS7.1AI score0.00254EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/17 12:0 a.m.9 views

Tiandy Easy7 Integrated Management Platform SQL注入漏洞

Tiandy Easy7 Integrated Management Platform is a comprehensive video surveillance management platform developed by Tiandy Company in China. The version 7.17.0 of Tiandy Easy7 Integrated Management Platform contains a SQL injection vulnerability. This vulnerability arises from incorrect handling o...

7.5CVSS7.1AI score0.00254EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.11 views

PT-2026-25839

A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.15 views

PT-2026-25838

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/16 11:33 p.m.2 views

CVE-2026-4287 Tiandy Easy7 Integrated Management Platform Endpoint queryResources sql injection

A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The affected element is an unknown function of the file /rest/devStatus/queryResources of the component Endpoint. Performing a manipulation of the argument areaId results in sql injection. The attack can be...

7.5CVSS5.7AI score0.00254EPSS
Exploits0References4
Rows per page
Query Builder