Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sun ehrd 8 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-43358
Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote malicious user to perform path traversal attacks without authentication, access restricted paths and download system files.
Sun Ehrd 8
Sun Ehrd 9
8.8
CVSSv3
CVE-2021-43359
Sunnet eHRD has broken access control vulnerability, which allows a remote malicious user to access account management page after being authenticated as a general user, then perform privilege escalation to execute arbitrary code and control the system or interrupt services.
Sun Ehrd 9
Sun Ehrd 8
8.8
CVSSv3
CVE-2021-43360
Sunnet eHRD e-mail delivery task schedule’s serialization function has inadequate input object validation and restriction, which allows a post-authenticated remote attacker with database access privilege, to execute arbitrary code and control the system or interrupt service...
Sun Ehrd 8
Sun Ehrd 9
7.5
CVSSv3
CVE-2020-10508
Sunnet eHRD, a human training and development management system, improperly stores system files. Attackers can use a specific URL and capture confidential information.
Sun Ehrd 8
Sun Ehrd 9
6.5
CVSSv3
CVE-2020-10510
Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality and data.
Sun Ehrd 8
Sun Ehrd 9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started