Vulnerabilities > SUN > Ehrd
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-01 | CVE-2021-43358 | Unspecified vulnerability in SUN Ehrd 8/9 Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote attacker to perform path traversal attacks without authentication, access restricted paths and download system files. | 7.5 |
2020-03-27 | CVE-2020-10510 | Incorrect Authorization vulnerability in SUN Ehrd 8/9 Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. | 6.5 |
2020-03-27 | CVE-2020-10509 | Cross-site Scripting vulnerability in SUN Ehrd 8.0/9.0 Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers can inject arbitrary command into the system and launch XSS attack. | 6.1 |
2020-03-27 | CVE-2020-10508 | Unspecified vulnerability in SUN Ehrd 8/9 Sunnet eHRD, a human training and development management system, improperly stores system files. | 7.5 |