CVE-2026-6834 aEnrich｜a+HRD - Missing Authorization

The a+HRD developed by aEnrich has a Missing Authorization vulnerability, allowing authenticated remote attackers to arbitrarily read database contents through a specific API method...

CVE-2026-6833 aEnrich｜a+HRD - SQL Injection

The a+HRD developed by aEnrich has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

CVE-2026-6833

The a+HRD developed by aEnrich has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

PT-2026-34247

CVE-2026-6834 The a+HRD developed by aEnrich has a Missing Authorization vulnerability, allowing authenticated remote attackers to arbitrarily read database contents through a specif… https://t.co/30wrzM11aW...

EUVD-2025-119990

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to send crafted packets to obtain administrator access tokens and use them to access the system with elevated privileges...

CVE-2025-12871

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to craft administrator access tokens and use them to access the system with elevated privileges...

aEnrich a+HRD 安全漏洞

aEnrich a+HRD is a full-service human resources development solution from Acer China aEnrich. A security vulnerability exists in aEnrich a+HRD, which stems from authentication misuse and could allow an unauthenticated remote attacker to forge an administrator access token and elevate privileges t...

PT-2025-46573

Name of the Vulnerable Software and Affected Versions aEnrich a+HRD affected versions not specified Description The a+HRD software contains an authentication issue that allows unauthenticated remote attackers to create administrator access tokens. These tokens can then be used to gain access to t...

aEnrich a+HRD 安全漏洞

aEnrich a+HRD is a full-service human resources development solution from Acer China aEnrich. A security vulnerability exists in aEnrich a+HRD that stems from authentication abuse and could allow an unauthenticated remote attacker to send specially crafted packets to obtain administrator access...

EUVD-2025-1782

Malicious code in bioql PyPI...

CVE-2025-0586

The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote attackers with database modification privileges and regular system privileges to perform arbitrary code execution...

CVE-2025-0585 aEnrich Technology a+HRD - SQL Injection

The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

CVE-2025-0585 aEnrich Technology a+HRD - SQL Injection

The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

CVE-2025-0585

CVE-2025-0585 affects the a+HRD product from aEnrich Technology with a SQL Injection vulnerability that allows unauthenticated remote attackers to read, modify, and delete database contents. Connected sources corroborate a SQLi issue but vary on affected versions; CNNVD cites a+HRD 7.5 and prior,...

CVE-2025-0583

The a+HRD from aEnrich Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...

CVE-2025-0584 aEnrich Technology a+HRD - Server-Side Request Forgery (SSRF)

The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated remote attackers to exploit this vulnerability to probe internal network...

CVE-2025-0584 aEnrich Technology a+HRD - Server-Side Request Forgery (SSRF)

The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated remote attackers to exploit this vulnerability to probe internal network...

CVE-2025-0583 aEnrich Technology a+HRD - Reflected Cross-site Scripting(XSS)

The a+HRD from aEnrich Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...

CVE-2025-0583

CVE-2025-0583 concerns the a+HRD component from aEnrich Technology with a Reflected Cross-site Scripting (XSS) vulnerability. The canonical description across sources states that unauthenticated remote attackers can craft phishing-initiated requests to cause the execution of arbitrary JavaScript ...

aEnrich a+HRD SQL注入漏洞

aEnrich a+HRD is an all-in-one human resource development solution from Acer China aEnrich. A SQL injection vulnerability exists in aEnrich a+HRD 7.5 and prior versions, which originates from allowing an attacker to inject arbitrary SQL commands to read, modify, and delete database content...