top of page
perceptive_background_267k.jpg

A flaw has been found in Tiandy Easy7 CMS Windows 7.17.0. Impacted is an unknown function of the file /Easy7/apps/WebService/GetDBData.jsp. This manipulation of…

Published:

8 maart 2026 om 23:00:00

Alert date:

9 maart 2026 om 13:01:00

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Enterprise Applications

A SQL injection vulnerability has been discovered in Tiandy Easy7 CMS Windows version 7.17.0. The flaw affects the GetDBData.jsp file where manipulation of the strTBName argument leads to SQL injection. The vulnerability can be exploited remotely and exploit code has been published. The vendor was notified but has not responded to the disclosure.

Technical details

Mitigation steps:

Affected products:

Tiandy Easy7 CMS

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-3818
https://my.feishu.cn/docx/RvTMdXwUqowtxNxt9BFcD3TOn3f?from=from_copylink
https://vuldb.com/?ctiid.349784
https://vuldb.com/?id.349784
https://vuldb.com/?submit.769536

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page