CVE-2026-4232 in Integrated Management Platforminfo

Zusammenfassung

von MITRE • 16.03.2026

A vulnerability was determined in Tiandy Integrated Management Platform 7.17.0. Affected by this issue is some unknown functionality of the file /rest/user/getAuthorityByUserId. Executing a manipulation of the argument userId can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulDB

Veröffentlichung

16.03.2026

Moderieren

akzeptiert

Eintrag

VDB-351155

CPE

bereit

CWE

CWE-89 (bestätigt)

Exploit

Download

CVSS

7.3 (VulDB)

EPSS

0.00042

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-4232
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-4232
CVE Details	https://www.cvedetails.com/cve/CVE-2026-4232/

◂ Zurück Übersicht Weiter ▸

Do you need the next level of professionalism?

Upgrade your account now!