CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

66 matches found

RedhatCVE•added 2026/01/07 9:18 a.m.•3 views

CVE-2025-1676

A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. Affected by this vulnerability is the function pdf2swf of the file /pdf2swf. The manipulation of the argument file leads to os command injection. The attack can be launched remotely. The exploit has...

6.5CVSS7.4AI score0.0076EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:18 a.m.•4 views

CVE-2025-1946

A vulnerability was found in hzmanyun Education and Training System 2.1. It has been rated as critical. Affected by this issue is the function exportPDF of the file /user/exportPDF. The manipulation of the argument id leads to command injection. The attack may be launched remotely. The exploit ha...

6.5CVSS7.7AI score0.03112EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:17 a.m.•2 views

CVE-2025-1947

A vulnerability classified as critical has been found in hzmanyun Education and Training System 2.1.3. This affects the function scorm of the file UploadImageController.java. The manipulation of the argument param leads to command injection. It is possible to initiate the attack remotely. The...

6.5CVSS7.8AI score0.02225EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-2963

Malware in sbrugna...

8.1CVSS6.6AI score0.00218EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-26257

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.0027EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-16261

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00202EPSS

Exploits0References4

RedhatCVE•added 2025/09/01 4:17 a.m.•3 views

CVE-2025-54945

An external control of file name or path vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary system commands via a malicious file by controlling the destination file path...

10CVSS7.7AI score0.00083EPSS

Exploits0References1

RedhatCVE•added 2025/09/01 4:17 a.m.•1 views

CVE-2025-54943

A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to perform unauthorized application deployment due to the absence of proper access control checks...

9.8CVSS7AI score0.0008EPSS

Exploits0References1

CNNVD•added 2025/09/01 12:0 a.m.•1 views

Sunnet eHRD CTMS 跨站脚本漏洞

Sunnet eHRD CTMS is a Human Resource Development and Clinical Training Management System from Sunnet China Sunnet. A cross-site scripting vulnerability exists in Sunnet eHRD CTMS that stems from a reflective cross-site scripting issue that could lead to arbitrary JavaScript code execution...

6.1CVSS6.6AI score0.00069EPSS

Exploits0References3

OSV•added 2025/08/30 4:15 a.m.•0 views

CVE-2025-54945

9.8CVSS6.2AI score

Exploits0References1

OSV•added 2025/08/30 4:15 a.m.•0 views

CVE-2025-54946

A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary SQL commands...

9.8CVSS6.1AI score

Exploits0References1

NVD•added 2025/08/30 4:15 a.m.•2 views

CVE-2025-54946

A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary SQL commands...

9.8CVSS0.00042EPSS

Exploits0References1

NVD•added 2025/08/30 4:15 a.m.•2 views

CVE-2025-54944

An unrestricted upload of file with dangerous type vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to write malicious code in a specific file, which may lead to arbitrary code execution...

9.8CVSS0.0027EPSS

Exploits0References1

OSV•added 2025/08/30 4:15 a.m.•1 views

CVE-2025-54943

9.8CVSS5.9AI score

Exploits0References1

OSV•added 2025/08/30 4:15 a.m.•0 views

CVE-2025-54942

A missing authentication for critical function vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to access deployment functionality without prior authentication...

9.8CVSS5.8AI score

Exploits0References1

Cvelist•added 2025/08/30 3:58 a.m.•3 views

CVE-2025-54946 SUNNET Corporate Training Management System - SQL Injection

A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary SQL commands...

9.3CVSS0.00042EPSS

Exploits0References1

CVE•added 2025/08/30 3:58 a.m.•10 views

CVE-2025-54946

CVE-2025-54946 affects SUNNET Corporate Training Management System prior to 10.11. Multiple sources confirm a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands, with high impact on confidentiality, integrity, and availability. Root cause: unsafeguarded con...

9.8CVSS7.9AI score0.00042EPSS

Exploits0References1Affected Software1