Product
high
advisory
Sunnet CTMS/CPAS Arbitrary File Upload Vulnerability (CVE-2026-7490)
2 rules 3 TTPs 1 CVEA privileged remote attacker can exploit CVE-2026-7490 in Sunnet CTMS and CPAS to upload and execute web shell backdoors, leading to arbitrary code execution on the server.
CTMS +1
arbitrary-file-upload
web-shell
code-execution
2r
3t
1c
high
advisory
Sunnet CTMS SQL Injection Vulnerability (CVE-2026-7489)
2 rules 1 TTP 1 CVESunnet CTMS is vulnerable to SQL injection (CVE-2026-7489), allowing authenticated remote attackers to execute arbitrary SQL commands and compromise the database.
CTMS
sqli
cve-2026-7489
web-application
2r
1t
1c