CVE-2026-9465 | Tiandy Easy7 Integrated Management Platform 7.17.0 GetDBDataEx.jsp strTBName sql injection

A vulnerability has been found in Tiandy Easy7 Integrated Management Platform 7.17.0 and classified as critical. This vulnerability affects unknown code of the file /Easy7/apps/WebService/GetDBDataEx.jsp. Performing a manipulation of the argument strTBName results in sql injection.

This vulnerability is known as CVE-2026-9465. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More