CVE-2026-7490

CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

CVE-2026-7489 Sunnet｜CTMS - SQL Injection

CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

EUVD-2025-26258

Malicious code in bioql PyPI...

SUNNET Corporate Training Management System 安全漏洞

SUNNET Corporate Training Management System is a corporate training management system from SUNNET. A security vulnerability exists in SUNNET Corporate Training Management System versions prior to 10.11, which stems from vulnerability to SQL injection attacks...

PT-2025-35338

Name of the Vulnerable Software and Affected Versions SUNNET Corporate Training Management System versions prior to 10.11 Description An unrestricted file upload issue exists in SUNNET Corporate Training Management System. This allows remote attackers to upload files of dangerous types and...

旭聊科技 Sunnet eHRD 路径遍历漏洞

Sunnet eHRD is a talent management system from SunChat Technology Inc. of Taiwan, China. The system supports talent management and performance management, etc. Sunnet eHRD has a path traversal vulnerability, which can be exploited by attackers to conduct a path traversal attack to access restrict...

CVE-2020-10510

Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality and data...