CVE-2026-7727: Shandong Hoteam Software PDM SQL Injection

The National Vulnerability Database (NVD) has detailed CVE-2026-7727, a high-severity SQL injection vulnerability impacting Shandong Hoteam Software PDM Product Data Management System up to version 8.3.9. The flaw resides in the GetQueryMachineGridOnePageData function within the /Base/BaseService.asmx/DataService file. Attackers can exploit this by manipulating the SortOrder argument, leading to remote SQL injection.

This is a critical remote code execution vector. An unauthenticated attacker can leverage this to extract sensitive data, modify database records, or potentially gain full control over the underlying system. The CVSSv3.1 score of 7.3 (High) reflects the network-exploitable, low-complexity nature of the attack, requiring no privileges or user interaction.

Defenders must prioritize patching. Shandong Hoteam Software has addressed this in version 8.3.10. Organizations using affected PDM systems should immediately upgrade to mitigate the risk of data compromise and system control takeover.

What This Means For You

  • If your organization uses Shandong Hoteam Software PDM Product Data Management System, immediately verify your version. If it's 8.3.9 or earlier, patch to version 8.3.10 without delay. This is a remote SQL injection vulnerability that allows unauthenticated attackers to compromise your data and systems. Don't wait for active exploitation.

🛡️ Detection Rules

3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK.

Severity: critical | ATT&CK: T1190 (Initial Access)

CVE-2026-7727: Shandong Hoteam PDM SQL Injection via GetQueryMachineGridOnePageData

Sigma YAML — free preview
title: CVE-2026-7727: Shandong Hoteam PDM SQL Injection via GetQueryMachineGridOnePageData
id: scw-2026-05-04-ai-1
status: experimental
level: critical
description: |
  Detects attempts to exploit CVE-2026-7727 by targeting the GetQueryMachineGridOnePageData function in Shandong Hoteam PDM. The rule looks for specific URI paths and SQL injection patterns within the query string, specifically targeting the 'SortOrder' parameter.
author: SCW Feed Engine (AI-generated)
date: 2026-05-04
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-7727/
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: webserver
detection:
  selection:
    # Request path of the affected service (W3C field name, matching cs-uri-query below)
    cs-uri-stem|contains: '/Base/BaseService.asmx/DataService'
    # A YAML mapping cannot repeat a key, so the three query-string terms
    # are combined in one list; 'all' requires every term to be present.
    cs-uri-query|contains|all:
      - 'SortOrder'
      - 'UNION'
      - 'SELECT'
  # The condition belongs at the detection level and refers to selection names
  condition: selection
falsepositives:
  - Legitimate administrative activity

Source: Shimi's Cyber World · License & reuse
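
The following is an added example, not part of the original page or of the vendor's code: it applies the rule's path and parameter match to W3C-format web logs, but flags any SortOrder value that does not look like a plain sort clause, which is broader than matching only the UNION and SELECT keywords. The log lines are constructed, and the field layout and the shape of a legitimate SortOrder value (a column name with an optional direction) are assumptions to adjust for your deployment.

```python
import re
from urllib.parse import parse_qsl

ENDPOINT = "/base/baseservice.asmx/dataservice"  # path from the advisory, lowercased
# Assumption: a legitimate SortOrder is a column name plus an optional direction.
BENIGN_SORT = re.compile(r"[A-Za-z_][A-Za-z0-9_.]*( +(asc|desc))?", re.I)

# Constructed W3C extended log sample (documentation IP ranges, not real traffic).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2026-05-04 09:01:12 192.0.2.10 GET /Base/BaseService.asmx/DataService SortOrder=Name+desc 200
2026-05-04 09:02:40 198.51.100.7 GET /Base/BaseService.asmx/DataService SortOrder=1%20UNION%20SELECT%20NULL 500
2026-05-04 09:03:05 198.51.100.7 GET /base/baseservice.asmx/dataservice SortOrder=Name%27 500
2026-05-04 09:04:00 192.0.2.11 GET /Home/Index.aspx SortOrder=x%20union%20select 200
2026-05-04 09:05:00 192.0.2.12 POST /Base/BaseService.asmx/DataService - 200
"""

def parse_w3c(text):
    """Yield one dict per request line, keyed by the names in the #Fields header."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            yield dict(zip(fields, line.split()))

def classify(entry):
    """Return 'ignore', 'benign', 'suspicious' or 'no-visibility' for one request."""
    if ENDPOINT not in entry.get("cs-uri-stem", "").lower():
        return "ignore"
    # parse_qsl percent-decodes names and values and turns '+' into a space.
    query = entry.get("cs-uri-query", "-")
    params = {k.lower(): v for k, v in parse_qsl(query, keep_blank_values=True)}
    if "sortorder" not in params:
        # The parameter may travel in a POST body, which these logs do not record.
        return "no-visibility"
    value = params["sortorder"].strip()
    return "benign" if BENIGN_SORT.fullmatch(value) else "suspicious"

def scan(text):
    """Return (client IP, verdict) for every request that reached the endpoint."""
    hits = ((e["c-ip"], classify(e)) for e in parse_w3c(text))
    return [(ip, verdict) for ip, verdict in hits if verdict != "ignore"]

if __name__ == "__main__":
    for ip, verdict in scan(SAMPLE_LOG):
        print(f"{ip:15} {verdict}")
```

Requests reported as no-visibility are the ones a query-string rule cannot judge; covering them needs request-body logging or a WAF in front of the service.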

Indicators of Compromise

ID | Type | Indicator
CVE-2026-7727 | SQLi | Shandong Hoteam Software PDM Product Data Management System up to 8.3.9
CVE-2026-7727 | SQLi | Vulnerable function: GetQueryMachineGridOnePageData in /Base/BaseService.asmx/DataService
CVE-2026-7727 | SQLi | Vulnerable argument: SortOrder

Source & Attribution

Source Platform: NVD
Channel: National Vulnerability Database
Published: May 04, 2026 at 08:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
