Easy7 Cms

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-3818 HIGH This Week

SQL injection in Tiandy Easy7 CMS 7.17.0 allows unauthenticated remote attackers to manipulate the strTBName parameter in GetDBData.jsp, potentially accessing or modifying sensitive database information. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification.

Windows SQLi Easy7 Cms

NVD VulDB

CVSS 3.1

7.3

EPSS

0.0%

CVE-2026-3818

EPSS 0% CVSS 7.3

HIGH This Week

SQL injection in Tiandy Easy7 CMS 7.17.0 allows unauthenticated remote attackers to manipulate the strTBName parameter in GetDBData.jsp, potentially accessing or modifying sensitive database information. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification.

Windows SQLi Easy7 Cms

NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy