CVE-2026-3818 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A flaw has been found in Tiandy Easy7 CMS Windows 7.17.0. Impacted is an unknown function of the file /Easy7/apps/WebService/GetDBData.jsp. This manipulation of…
Medium CVSS: 6.9

CVE-2026-3818

A flaw has been found in Tiandy Easy7 CMS Windows 7.17.0. Impacted is an unknown function of the file /Easy7/apps/WebService/GetDBData.jsp. This manipulation of the argument strTBName causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Vendor
Tiandy
Product
Easy7 Cms
CWE
CWE-74
Yayın Tarihi
2026-03-09 12:16:12
Güncelleme
2026-03-10 18:45:27
Source Identifier
cna@vuldb.com
KEV Date Added
-

Kategoriler

CWE-74 Easy7 Cms MEDIUM Tiandy 2026

Referanslar

https://my.feishu.cn/docx/RvTMdXwUqowtxNxt9BFcD3TOn3f?from=from_copylink https://vuldb.com/?ctiid.349784 https://vuldb.com/?id.349784 https://vuldb.com/?submit.769536