Lucene search
+L

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-34374

Malicious code in bioql PyPI...

9.4CVSS6.6AI score0.0074EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/01 4:17 a.m.5 views

CVE-2025-54946

A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary SQL commands...

9.8CVSS8.5AI score0.00452EPSS
Exploits0References1
OSV
OSV
added 2025/08/30 4:15 a.m.5 views

CVE-2025-54944

An unrestricted upload of file with dangerous type vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to write malicious code in a specific file, which may lead to arbitrary code execution...

9.8CVSS6.1AI score0.00644EPSS
Exploits0References1
NVD
NVD
added 2025/08/30 4:15 a.m.6 views

CVE-2025-54943

A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to perform unauthorized application deployment due to the absence of proper access control checks...

9.8CVSS0.00466EPSS
Exploits0References1
CVE
CVE
added 2025/08/30 3:42 a.m.16 views

CVE-2025-54943

SUNNET Corporate Training Management System before 10.11 has a missing authorization flaw due to inadequate access control checks, enabling remote deployment of applications. The PT-2025-35337 advisory lists versions prior to 10.11 as affected and recommends upgrading to a version newer than 10.1...

9.8CVSS6.4AI score0.00466EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/08/30 12:0 a.m.5 views

SUNNET Corporate Training Management System 安全漏洞

SUNNET Corporate Training Management System is a corporate training management system from SUNNET. A security vulnerability exists in SUNNET Corporate Training Management System versions prior to 10.11, which stems from a lack of authorization checking and could lead to unauthorized application...

9.8CVSS6.5AI score0.00466EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/30 12:0 a.m.7 views

PT-2025-35341

Name of the Vulnerable Software and Affected Versions SUNNET Corporate Training Management System versions prior to 10.11 Description A SQL injection flaw exists in SUNNET Corporate Training Management System. This issue allows remote attackers to execute arbitrary SQL commands. Recommendations...

9.8CVSS6.2AI score0.00452EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/08/30 12:0 a.m.7 views

PT-2025-35337

Name of the Vulnerable Software and Affected Versions SUNNET Corporate Training Management System versions prior to 10.11 Description The SUNNET Corporate Training Management System contains a missing authorization flaw. This allows remote attackers to deploy applications without proper...

9.8CVSS5.9AI score0.00466EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2025/02/18 12:0 a.m.9 views

The vulnerability of the WPLMS training management system, a content management system for WordPress websites, allows an attacker to gain access to read, modify, or delete data.

The vulnerability of the WPLMS training management system involves incorrect restrictions on the path to the restricted access catalog. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data...

10CVSS8.1AI score0.33856EPSS
Exploits2References3Affected Software1
NVD
NVD
added 2024/12/19 4:15 a.m.9 views

CVE-2024-11984

A unrestricted upload of file with dangerous type vulnerability in epaper draft function in Corporate Training Management System before 10.13 allows remote authenticated users to bypass file upload restrictions and perform arbitrary system commands with SYSTEM privilege via a crafted ZIP file...

9.4CVSS0.0074EPSS
Exploits0References1
CVE
CVE
added 2024/12/19 4:1 a.m.47 views

CVE-2024-11984

The CVE-2024-11984 vulnerability affects the Corporate Training Management System, specifically the epaper draft function. It describes an unrestricted upload of files with dangerous types that lets remote authenticated users bypass upload restrictions and run arbitrary commands with SYSTEM privi...

9.4CVSS6.6AI score0.0074EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/19 4:1 a.m.21 views

CVE-2024-11984 SUNNET Corporate Training Management System - Unrestricted Upload of File with Dangerous Type

A unrestricted upload of file with dangerous type vulnerability in epaper draft function in Corporate Training Management System before 10.13 allows remote authenticated users to bypass file upload restrictions and perform arbitrary system commands with SYSTEM privilege via a crafted ZIP file...

9.4CVSS0.0074EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/21 12:0 a.m.1 views

Arbitrary file upload vulnerability in EduWork uplaod.php page

EduWork is an almost open source training institution management system, focusing on solving the daily affairs of training institutions and the entire management. An arbitrary file upload vulnerability exists in the EduWork uplaod.php page. Attackers can use this vulnerability to obtain...

7.2AI score
Exploits0
CNVD
CNVD
added 2015/08/14 12:0 a.m.4 views

Online Training Management System Generalized Arbitrary File Download Vulnerability of Beijing Jianfeng Hexun Technology Co.

Peak Hutchinson's Online Training Management System is a software system that provides full-process management of training activities for learning organizations. There is a generic arbitrary file download vulnerability in the online training management system of Beijing Summit Hexun Technology Co...

6.9AI score
Exploits0References1
Rows per page
Query Builder