CVE-2026-7489

Name of the Vulnerable Software and Affected Versions CTMS (affected versions not specified)

Description CTMS developed by Sunnet contains a SQL Injection flaw. This allows authenticated remote attackers to inject arbitrary SQL commands, enabling them to read, modify, and delete database contents. SQL Injection is a type of flaw that occurs when an attacker can interfere with the queries that an application makes to its database.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.