81 matches found
CVE-2025-12870 aEnrich|eHRD - Authentication Abuse
The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to send crafted packets to obtain administrator access tokens and use them to access the system with elevated privileges...
CVE-2025-12869 aEnrich|eHRD - Stored Cross-Site Scripting
The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administrator privileges to inject persistent JavaScript codes that are executed in users' browsers upon page load...
CVE-2025-12869 aEnrich|eHRD - Stored Cross-Site Scripting
The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administrator privileges to inject persistent JavaScript codes that are executed in users' browsers upon page load...
EUVD-2020-2961
Malware in sbrugna...
EUVD-2020-2962
Malware in sbrugna...
EUVD-2021-30293
Malicious code in bioql PyPI...
EUVD-2025-28867
Malicious code in bioql PyPI...
EUVD-2024-33120
Malicious code in bioql PyPI...
EUVD-2021-30295
Malicious code in bioql PyPI...
EUVD-2025-26321
Malicious code in bioql PyPI...
CVE-2025-9570
The eHRD CTMS developed by Sunnet has an Arbitrary File Reading vulnerability, allowing remote attackers with administrator privileges to exploit Relative Path Traversal to download arbitrary system files...
CVE-2025-9568
The eHRD developed by Sunnet has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...
CVE-2025-9567
The eHRD developed by Sunnet has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...
CVE-2025-9570
The eHRD CTMS developed by Sunnet has an Arbitrary File Reading vulnerability, allowing remote attackers with administrator privileges to exploit Relative Path Traversal to download arbitrary system files...
CVE-2025-9567
The eHRD developed by Sunnet has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...
CVE-2025-9570
Summary of findings for CVE-2025-9570 (Sunnet eHRD CTMS) : The eHRD CTMS product from Sunnet is affected by an Arbitrary File Reading vulnerability caused by a Relative Path Traversal flaw in the file handling logic. This could allow remote attackers with administrator privileges to download arbi...
CVE-2025-9570 Sunnet|eHRD CTMS - Arbitrary File Reading through Path Traversal
The eHRD CTMS developed by Sunnet has an Arbitrary File Reading vulnerability, allowing remote attackers with administrator privileges to exploit Relative Path Traversal to download arbitrary system files...
CVE-2025-9569
Sunnet eHRD CTMS (Sunnet) has a Reflected Cross-site Scripting vulnerability (CVE-2025-9569). The issue is exploitable via phishing, where unauthenticated remote attackers can cause a user’s browser to execute arbitrary JavaScript. Affected component is the web interface; root cause is reflected ...
CVE-2025-9568 Sunnet|eHRD CTMS - Reflected Cross-site Scripting
The eHRD developed by Sunnet has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...
Sunnet eHRD CTMS 跨站脚本漏洞
Sunnet eHRD CTMS is a Human Resource Development and Clinical Training Management System from Sunnet China Sunnet. A cross-site scripting vulnerability exists in Sunnet eHRD CTMS that stems from a reflective cross-site scripting issue that could lead to arbitrary JavaScript code execution...