Lucene search
K

6 matches found

CVE
CVE
added 2020/03/27 7:35 a.m.79 views

CVE-2020-10509

CVE-2020-10509 affects Sunnet eHRD (Web application). The connected CNVD entry reports a Cross-Site Scripting (XSS) vulnerability caused by lack of proper validation of client-side data in the WEB application, allowing an attacker to execute client-side code via XSS. NVD reiterates XSS with injec...

6.1CVSS6.1AI score0.00835EPSS
CVE
CVE
added 2020/03/27 7:35 a.m.73 views

CVE-2020-10508

CVE-2020-10508 affects Sunnet eHRD, a human training and development management system. The vulnerability is an information-disclosure flaw caused by improper storage of system files, enabling an attacker to access confidential information via a specific URL. Multiple sources (NVD and CVE lists) ...

7.5CVSS7.5AI score0.0147EPSS
CVE
CVE
added 2020/03/27 7:35 a.m.71 views

CVE-2020-10510

CVE-2020-10510 affects Sunnet eHRD (human training and development management system). According to the provided documents, it involves Broken Access Control where, after login, an attacker can access an unauthorized URL to reach restricted functionality and data. The CVSS metrics from NVD indica...

8.1CVSS6.8AI score0.01058EPSS
CVE
CVE
added 2021/12/01 2:0 a.m.50 views

CVE-2021-43359

CVE-2021-43359 affects Sunnet eHRD (SunChat Technology) and is described as a broken access control vulnerability. The affected component is the account management area, where an attacker authenticated as a general user can access that page and then perform privilege escalation to execute arbitra...

9CVSS9.1AI score0.02394EPSS
CVE
CVE
added 2021/12/01 2:0 a.m.46 views

CVE-2021-43358

CVE-2021-43358 affects Sunnet eHRD (SunChat Technology Inc.). The vulnerability arises from inadequate filtering of special characters in URLs, enabling a remote, unauthenticated attacker to perform path traversal, access restricted paths, and download system files. Documented impact aligns with ...

7.8CVSS7.5AI score0.02294EPSS
CVE
CVE
added 2021/12/01 2:0 a.m.40 views

CVE-2021-43360

Sunnet eHRD is a talent management system from Sun Chat Technology. The CVE-2021-43360 vulnerability affects its e-mail delivery task schedule’s serialization function, where inadequate input object validation and restriction allows a post-authenticated remote attacker with database access privil...

9CVSS9AI score0.02328EPSS