Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ehrd vulnerabilities and exploits
(subscribe to this query)
694
VMScore
CVE-2021-43358
Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote malicious user to perform path traversal attacks without authentication, access restricted paths and download system files.
Sun Ehrd 8
Sun Ehrd 9
801
VMScore
CVE-2021-43359
Sunnet eHRD has broken access control vulnerability, which allows a remote malicious user to access account management page after being authenticated as a general user, then perform privilege escalation to execute arbitrary code and control the system or interrupt services.
Sun Ehrd 9
Sun Ehrd 8
445
VMScore
CVE-2020-10508
Sunnet eHRD, a human training and development management system, improperly stores system files. Attackers can use a specific URL and capture confidential information.
Sun Ehrd 8
Sun Ehrd 9
801
VMScore
CVE-2021-43360
Sunnet eHRD e-mail delivery task schedule’s serialization function has inadequate input object validation and restriction, which allows a post-authenticated remote attacker with database access privilege, to execute arbitrary code and control the system or interrupt service...
Sun Ehrd 8
Sun Ehrd 9
383
VMScore
CVE-2020-10509
Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers can inject arbitrary command into the system and launch XSS attack.
Sun Ehrd 8.0
Sun Ehrd 9.0
356
VMScore
CVE-2020-10510
Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality and data.
Sun Ehrd 8
Sun Ehrd 9
NA
CVE-2022-28740
aEnrich eHRD Learning Management Key Performance Indicator System 5+ exposes Sensitive Information to an Unauthorized Actor.
Aenrich A\\+hrd
NA
CVE-2022-28742
aEnrich eHRD Learning Management Key Performance Indicator System 5+ has Improper Access Control. The web application does not validate user session when accessing many application pages. This can allow an malicious user to gain unauthenticated access to sensitive functionalities...
Aenrich A\\+hrd
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started