Vendor
high
advisory
Tiandy Easy7 Integrated Management Platform SQL Injection Vulnerability (CVE-2026-9465)
2 rules 1 TTP 1 CVETiandy Easy7 Integrated Management Platform 7.17.0 is vulnerable to SQL injection (CVE-2026-9465) via manipulation of the strTBName argument in /Easy7/apps/WebService/GetDBDataEx.jsp, allowing a remote attacker to execute arbitrary SQL commands.
Easy7 Integrated Management Platform 7.17.0
sql-injection
cve-2026-9465
web-application
2r
1t
1c
critical
advisory
Tiandy Easy7 Integrated Management Platform OS Command Injection Vulnerability
2 rules 1 TTP 1 CVECVE-2026-7698 allows for remote OS command injection in Tiandy Easy7 Integrated Management Platform 7.17.0 via manipulation of the 'week' argument in the /Easy7/rest/systemInfo/updateDbBackupInfo file.
Easy7 Integrated Management Platform
cve-2026-7698
command-injection
web-application
2r
1t
1c