Lucene search
K
Sun.netWmpro

5 matches found

CVE
CVE
added 2019/07/11 6:22 p.m.53 views

CVE-2019-11062

The CVE-2019-11062 entry affects SUNNET WMPro v5.0 and v5.1 for the eLearning system. Affected component: the API endpoint /teach/course/doajaxfileupload.php, where OS Command Injection is possible. Root cause described as unauthenticated remote command execution on the target server. Impact is h...

10CVSS9.9AI score0.05703EPSS
CVE
CVE
added 2023/09/18 2:30 a.m.34 views

CVE-2023-35850

The CVE-2023-35850 case affects SUNNET WMPro portal's file management function. The vulnerability is caused by insufficient filtering of user input, enabling an OS command injection. A remote attacker with administrator or privileged access can inject and execute arbitrary system commands to perf...

7.2CVSS7.3AI score0.00693EPSS
CVE
CVE
added 2023/09/18 2:33 a.m.32 views

CVE-2023-35851

CVE-2023-35851 affects SUNNET WMPro portal, specifically the FAQ function. The vulnerability results from insufficient validation of user input, enabling an unauthenticated remote attacker to inject arbitrary SQL commands and obtain sensitive information from the database. This is described acros...

7.5CVSS7.7AI score0.00602EPSS
CVE
CVE
added 2025/12/29 6:31 a.m.19 views

CVE-2025-15225

WMPro by Sunnet is affected by an Arbitrary File Read vulnerability exploitable via Relative Path Traversal. The issue allows unauthenticated remote attackers to read arbitrary system files. Available documents consistently describe the vulnerability class and impact but do not specify affected v...

8.7CVSS6.8AI score0.00461EPSS
CVE
CVE
added 2025/12/29 6:39 a.m.12 views

CVE-2025-15226

CVE-2025-15226 concerns WMPro by Sunnet, where an Arbitrary File Upload vulnerability allows unauthenticated remote attackers to upload and execute a web shell on the server, enabling arbitrary code execution . The vulnerability is described in multiple feeds (NVD/Red Hat/CIRCL/etc.) with no spec...

9.8CVSS8.1AI score0.00508EPSS