{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/shandong-hoteam-software/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-7727"}],"_cs_exploited":false,"_cs_products":["PDM Product Data Management System (\u003c= 8.3.9)"],"_cs_severities":["high"],"_cs_tags":["sql-injection","cve-2026-7727","webserver"],"_cs_type":"advisory","_cs_vendors":["Shandong Hoteam Software"],"content_html":"\u003cp\u003eShandong Hoteam Software\u0026rsquo;s PDM Product Data Management System before version 8.3.10 is susceptible to a SQL injection vulnerability. The vulnerability exists in the \u003ccode\u003e/Base/BaseService.asmx/DataService\u003c/code\u003e file, specifically affecting the \u003ccode\u003eGetQueryMachineGridOnePageData\u003c/code\u003e function. By manipulating the \u003ccode\u003eSortOrder\u003c/code\u003e argument, a remote attacker can inject malicious SQL queries into the system. Successful exploitation could lead to unauthorized data access, modification, or even complete system compromise. Organizations using versions prior to 8.3.10 are urged to upgrade immediately to mitigate the risk. This vulnerability was reported on May 4, 2026.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a vulnerable Shandong Hoteam PDM instance running a version prior to 8.3.10.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting the \u003ccode\u003e/Base/BaseService.asmx/DataService\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eWithin the HTTP request, the attacker modifies the \u003ccode\u003eSortOrder\u003c/code\u003e argument.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eSortOrder\u003c/code\u003e argument is injected with SQL code.\u003c/li\u003e\n\u003cli\u003eThe application fails to properly sanitize the attacker-supplied SQL code.\u003c/li\u003e\n\u003cli\u003eThe application executes the attacker-controlled SQL query against the backend database.\u003c/li\u003e\n\u003cli\u003eThe attacker gains unauthorized access to sensitive data stored within the database.\u003c/li\u003e\n\u003cli\u003eThe attacker exfiltrates the data or uses it for further malicious activities.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this SQL injection vulnerability allows remote attackers to execute arbitrary SQL commands on the affected system. This can lead to unauthorized access to sensitive data, modification of data, or even complete compromise of the database server. Organizations using vulnerable versions of Shandong Hoteam PDM Product Data Management System could suffer significant data breaches, financial losses, and reputational damage. There are no specific victim counts or sector targeting available, but this could affect any organization utilizing the vulnerable PDM system.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Shandong Hoteam Software PDM Product Data Management System to version 8.3.10 or later to remediate the vulnerability as mentioned in the overview.\u003c/li\u003e\n\u003cli\u003eImplement the provided Sigma rule \u003ccode\u003eDetect Hoteam PDM SQL Injection Attempt\u003c/code\u003e to identify malicious requests targeting the vulnerable endpoint.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious requests containing potentially malicious SQL syntax in the \u003ccode\u003eSortOrder\u003c/code\u003e parameter, as described in the attack chain.\u003c/li\u003e\n\u003cli\u003eImplement proper input validation and sanitization techniques to prevent SQL injection vulnerabilities in web applications, mitigating similar risks in the future.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-04T05:16:00Z","date_published":"2026-05-04T05:16:00Z","id":"/briefs/2026-05-hoteam-pdm-sqli/","summary":"Shandong Hoteam Software PDM Product Data Management System up to version 8.3.9 is vulnerable to SQL injection via manipulation of the SortOrder argument in the GetQueryMachineGridOnePageData function of the /Base/BaseService.asmx/DataService file, allowing remote attackers to potentially execute arbitrary SQL commands.","title":"Shandong Hoteam PDM Product Data Management System SQL Injection Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-hoteam-pdm-sqli/"}],"language":"en","title":"CraftedSignal Threat Feed — Shandong Hoteam Software","version":"https://jsonfeed.org/version/1.1"}