Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202605-00000001

[Content Description]
【SUNNET Technology | CTMS Training Master - SQL Injection】(CVE-2026-7489, CVSS: 8.8) An authenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database contents.

[Affected Platforms]
CTMS Training Master: All Versions

[Recommended Actions]
The vendor should have provided a patch.
If you have not yet obtained one, please contact the vendor.

[References]
1. https://www.twcert.org.tw/tw/cp-132-10894-1ac1f-1.html