Approved changes feed: RSS · Atom

cpe:2.3:a:tiandy:integrated_management_platform:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorTiandy (39e2c9e4-6c06-53c0-b4b5-5c5aceca2c4f)
ProductIntegrated Management Platform (66cffae4-0c55-5eb1-81f9-67279f6e4fb7)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-4232 vulnerable 2026-06-08 08:05:13.053001 Tiandy Integrated Management Platform getAuthorityByUserId sql injection
HIGH (7.3)
A vulnerability was determined in Tiandy Integrated Management Platform 7.17.0. Affected by this issue is some unknown functionality of the file /rest/user/getAuthorityByUserId. Executing a manipulation of the argument userId can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-03-16T09:32:21.380Z
Updated: 2026-03-16T16:18:19.546Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.