83 matches found
CVE-2025-12870 aEnrich|eHRD - Authentication Abuse
The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to send crafted packets to obtain administrator access tokens and use them to access the system with elevated privileges...
CVE-2025-12869 aEnrich|eHRD - Stored Cross-Site Scripting
The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administrator privileges to inject persistent JavaScript codes that are executed in users' browsers upon page load...
CVE-2025-12869 aEnrich|eHRD - Stored Cross-Site Scripting
The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administrator privileges to inject persistent JavaScript codes that are executed in users' browsers upon page load...
EUVD-2020-2962
Malware in sbrugna...
EUVD-2020-2961
Malware in sbrugna...
EUVD-2024-33120
Malicious code in bioql PyPI...
EUVD-2021-30295
Malicious code in bioql PyPI...
EUVD-2021-30293
Malicious code in bioql PyPI...
EUVD-2025-26321
Malicious code in bioql PyPI...
EUVD-2025-28867
Malicious code in bioql PyPI...
CVE-2025-9568
The eHRD developed by Sunnet has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...
CVE-2025-9570
The eHRD CTMS developed by Sunnet has an Arbitrary File Reading vulnerability, allowing remote attackers with administrator privileges to exploit Relative Path Traversal to download arbitrary system files...
CVE-2025-9567
The eHRD developed by Sunnet has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...
CVE-2025-9570
The eHRD CTMS developed by Sunnet has an Arbitrary File Reading vulnerability, allowing remote attackers with administrator privileges to exploit Relative Path Traversal to download arbitrary system files...
CVE-2025-9567
The eHRD developed by Sunnet has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...
CVE-2025-9570 Sunnet|eHRD CTMS - Arbitrary File Reading through Path Traversal
The eHRD CTMS developed by Sunnet has an Arbitrary File Reading vulnerability, allowing remote attackers with administrator privileges to exploit Relative Path Traversal to download arbitrary system files...
CVE-2025-9570
Summary of findings for CVE-2025-9570 (Sunnet eHRD CTMS) : The eHRD CTMS product from Sunnet is affected by an Arbitrary File Reading vulnerability caused by a Relative Path Traversal flaw in the file handling logic. This could allow remote attackers with administrator privileges to download arbi...
CVE-2025-9569
Sunnet eHRD CTMS (Sunnet) has a Reflected Cross-site Scripting vulnerability (CVE-2025-9569). The issue is exploitable via phishing, where unauthenticated remote attackers can cause a user’s browser to execute arbitrary JavaScript. Affected component is the web interface; root cause is reflected ...
CVE-2025-9568 Sunnet|eHRD CTMS - Reflected Cross-site Scripting
The eHRD developed by Sunnet has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...
PT-2025-35438
Name of the Vulnerable Software and Affected Versions: Sunnet eHRD affected versions not specified Description: The eHRD platform contains a reflected cross-site scripting issue. This allows unauthenticated remote attackers to execute arbitrary JavaScript code in a user's browser through phishing...