204 matches found
CVE-2025-54944
An unrestricted upload of file with dangerous type vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to write malicious code in a specific file, which may lead to arbitrary code execution...
CVE-2025-54943
A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to perform unauthorized application deployment due to the absence of proper access control checks...
CVE-2025-54943
A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to perform unauthorized application deployment due to the absence of proper access control checks...
CVE-2025-54942
A missing authentication for critical function vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to access deployment functionality without prior authentication...
CVE-2025-54942
A missing authentication for critical function vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to access deployment functionality without prior authentication...
CVE-2025-54946 SUNNET Corporate Training Management System - SQL Injection
A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary SQL commands...
CVE-2025-54946 SUNNET Corporate Training Management System - SQL Injection
A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary SQL commands...
CVE-2025-54946
CVE-2025-54946 affects SUNNET Corporate Training Management System prior to 10.11. Multiple sources confirm a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands, with high impact on confidentiality, integrity, and availability. Root cause: unsafeguarded con...
CVE-2025-54945
CVE-2025-54945 affects SUNNET Corporate Training Management System prior to 10.11. The vulnerability is an external control of file name or path that enables remote attackers to execute arbitrary system commands by steering the destination file path. No explicit exploitation details are provided ...
CVE-2025-54945 SUNNET Corporate Training Management System - External Control of File Name or Path
An external control of file name or path vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary system commands via a malicious file by controlling the destination file path...
CVE-2025-54944 SUNNET Corporate Training Management System - Unrestricted Upload of File with Dangerous Type
An unrestricted upload of file with dangerous type vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to write malicious code in a specific file, which may lead to arbitrary code execution...
CVE-2025-54944
CVE-2025-54944 affects SUNNET Corporate Training Management System prior to version 10.11. An unrestricted upload of files with dangerous types allows remote attackers to write malicious code to a specific file, potentially leading to arbitrary code execution. Root cause: insufficient validation ...
CVE-2025-54944 SUNNET Corporate Training Management System - Unrestricted Upload of File with Dangerous Type
An unrestricted upload of file with dangerous type vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to write malicious code in a specific file, which may lead to arbitrary code execution...
CVE-2025-54943
SUNNET Corporate Training Management System before 10.11 has a missing authorization flaw due to inadequate access control checks, enabling remote deployment of applications. The PT-2025-35337 advisory lists versions prior to 10.11 as affected and recommends upgrading to a version newer than 10.1...
CVE-2025-54942
CVE-2025-54942 describes a missing authentication for a critical function in the SUNNET Corporate Training Management System prior to version 10.11, allowing remote attackers to access deployment functionality without credentials. The vulnerability is corroborated by multiple connected records (N...
CVE-2025-54942 SUNNET Corporate Training Management System - Missing Authentication for Critical Function
A missing authentication for critical function vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to access deployment functionality without prior authentication...
CVE-2025-54942 SUNNET Corporate Training Management System - Missing Authentication for Critical Function
A missing authentication for critical function vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to access deployment functionality without prior authentication...
SUNNET Corporate Training Management System 安全漏洞
SUNNET Corporate Training Management System is a corporate training management system from SUNNET. A security vulnerability exists in SUNNET Corporate Training Management System versions prior to 10.11, which originates from an external control over file names or paths and could lead to the...
SUNNET Corporate Training Management System 安全漏洞
SUNNET Corporate Training Management System is a corporate training management system from SUNNET. A security vulnerability exists in SUNNET Corporate Training Management System versions prior to 10.11, which stems from vulnerability to SQL injection attacks...
SUNNET Corporate Training Management System 安全漏洞
SUNNET Corporate Training Management System is a corporate training management system from SUNNET. A security vulnerability exists in SUNNET Corporate Training Management System versions prior to 10.11, which stems from allowing the upload of a dangerous type of file that could lead to the...