204 matches found
CVE-2026-7490
CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2026-7489
CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2026-7490
CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2026-7489
CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2026-7490 Sunnet|CTMS and CPAS - Arbitrary File Upload
CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2026-7490
CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2026-7490 Sunnet|CTMS and CPAS - Arbitrary File Upload
CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2026-7490
Sunnet CTMS and CPAS are affected by an Arbitrary File Upload vulnerability that can allow privileged remote attackers to upload and execute web shell backdoors, enabling arbitrary code execution on the server. The CVSS vectors indicate high severity (7.2/8.6) with network access, low attack comp...
EUVD-2026-26770
CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2026-7489 Sunnet|CTMS - SQL Injection
CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2026-7489
Technical details are not publicly available in the provided documents; monitor for updates.
EUVD-2026-26769
CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2026-7489
CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2026-7489 Sunnet|CTMS - SQL Injection
CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
Sunnet CTMS和Sunnet CPAS 代码问题漏洞
Sunnet CTMS and Sunnet CPAS are both products of China’s Sunnet Company. Sunnet CTMS is an enterprise training software. Sunnet CPAS is an enterprise performance management software. Both Sunnet CTMS and Sunnet CPAS have code vulnerabilities. These vulnerabilities stem from arbitrary file upload...
PT-2026-36599
Name of the Vulnerable Software and Affected Versions CTMS affected versions not specified CPAS affected versions not specified Description CTMS and CPAS developed by Sunnet contain an arbitrary file upload flaw. This allows privileged remote attackers to upload and execute web shell backdoors,...
Sunnet CTMS SQL注入漏洞
Sunnet CTMS is an enterprise training software developed by Sunnet Corporation in China. Sunnet CTMS has a SQL injection vulnerability, which allows a remote attacker to inject arbitrary SQL commands to read, modify, and delete database content...
CVE-2025-15225
WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to read arbitrary system files...
CVE-2025-15226
WMPro developed by Sunnet has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-15226
WMPro developed by Sunnet has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...