204 matches found
SUNNET Corporate Training Management System 安全漏洞
SUNNET Corporate Training Management System is a corporate training management system from SUNNET. A security vulnerability exists in SUNNET Corporate Training Management System versions prior to 10.11, which stems from a lack of authentication for critical functionality, which could allow a remo...
PT-2025-35338
Name of the Vulnerable Software and Affected Versions SUNNET Corporate Training Management System versions prior to 10.11 Description An unrestricted file upload issue exists in SUNNET Corporate Training Management System. This allows remote attackers to upload files of dangerous types and...
SUNNET Corporate Training Management System 安全漏洞
SUNNET Corporate Training Management System is a corporate training management system from SUNNET. A security vulnerability exists in SUNNET Corporate Training Management System versions prior to 10.11, which stems from a lack of authorization checking and could lead to unauthorized application...
PT-2025-35337
Name of the Vulnerable Software and Affected Versions SUNNET Corporate Training Management System versions prior to 10.11 Description The SUNNET Corporate Training Management System contains a missing authorization flaw. This allows remote attackers to deploy applications without proper...
PT-2025-35339
Name of the Vulnerable Software and Affected Versions SUNNET Corporate Training Management System versions prior to 10.11 Description A file name or path vulnerability exists in SUNNET Corporate Training Management System that allows remote attackers to execute arbitrary system commands via a...
PT-2025-35336
Name of the Vulnerable Software and Affected Versions SUNNET Corporate Training Management System versions prior to 10.11 Description A missing authentication check for a critical function allows remote attackers to access deployment functionality without authentication. Recommendations Update to...
PT-2025-35341
Name of the Vulnerable Software and Affected Versions SUNNET Corporate Training Management System versions prior to 10.11 Description A SQL injection flaw exists in SUNNET Corporate Training Management System. This issue allows remote attackers to execute arbitrary SQL commands. Recommendations...
CVE-2025-3707
The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL command to read database contents...
CVE-2025-3707
The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL command to read database contents...
CVE-2025-3707
The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL command to read database contents...
CVE-2025-3707 Sunnet eHRD CTMS - SQL Injection
The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL command to read database contents...
CVE-2025-3707 Sunnet eHRD CTMS - SQL Injection
The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL command to read database contents...
CVE-2025-3707
The CVE-2025-3707 entry concerns Sunnet’s eHDR CTMS which is affected by a SQL Injection vulnerability in the CTMS component. The issue allows remote attackers with regular privileges to inject arbitrary SQL commands and read database contents, with the confidentiality impact rated High (CVSS 3.1...
Sunnet eHRD CTMS SQL注入漏洞
Sunnet eHRD CTMS is a Human Resource Development and Clinical Training Management System from China Sunnet Sunnet. A SQL injection vulnerability exists in Sunnet eHRD CTMS version 10.13 and prior versions, which stems from a SQL injection vulnerability that could allow a remote attacker to read...
SUNNET Wisdom Master Pro 安全漏洞
SUNNET Wisdom Master Pro is a Wisdom Master management platform from SUNNET. A security vulnerability exists in SUNNET Wisdom Master Pro 5.2 and earlier versions, which stems from a lack of authorization and could lead to a remote attacker obtaining some user data...
SUNNET Wisdom Master Pro 安全漏洞
SUNNET Wisdom Master Pro is a Wisdom Master management platform from SUNNET. A security vulnerability exists in SUNNET Wisdom Master Pro version 5.2 and prior versions, which stems from a course management feature that allows uploading of dangerous types of files, which could lead to the uploadin...
CVE-2024-11984
The CVE-2024-11984 vulnerability affects the Corporate Training Management System, specifically the epaper draft function. It describes an unrestricted upload of files with dangerous types that lets remote authenticated users bypass upload restrictions and run arbitrary commands with SYSTEM privi...
CVE-2024-11984 SUNNET Corporate Training Management System - Unrestricted Upload of File with Dangerous Type
A unrestricted upload of file with dangerous type vulnerability in epaper draft function in Corporate Training Management System before 10.13 allows remote authenticated users to bypass file upload restrictions and perform arbitrary system commands with SYSTEM privilege via a crafted ZIP file...
SUNNET Corporate Training Management System 安全漏洞
SUNNET Corporate Training Management System is a corporate training management system from SUNNET. A security vulnerability exists in SUNNET Corporate Training Management System versions prior to 10.13. An attacker can use this vulnerability to execute arbitrary system commands with SYSTEM...
CVE-2024-10440
The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL command to read, modify, and delete database contents...