Sun Ehrd

Do you want an email whenever new security vulnerabilities are reported in Sun Ehrd?

By the Year

In 2023 there have been 0 vulnerabilities in Sun Ehrd . Ehrd did not have any published security vulnerabilities last year.

Year	Vulnerabilities	Average Score
2023	0	0.00
2022	0	0.00
2021	3	8.37
2020	3	6.70
2019	0	0.00
2018	0	0.00

It may take a day or so for new Ehrd vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Sun Ehrd Security Vulnerabilities

Sunnet eHRD has inadequate filtering for special characters in URLs, which

CVE-2021-43358 7.5 - High - December 01, 2021

Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote attacker to perform path traversal attacks without authentication, access restricted paths and download system files.

Directory traversal

Sunnet eHRD e-mail delivery task schedules serialization function has inadequate input object validation and restriction, which

CVE-2021-43360 8.8 - High - December 01, 2021

Sunnet eHRD e-mail delivery task schedules serialization function has inadequate input object validation and restriction, which allows a post-authenticated remote attacker with database access privilege, to execute arbitrary code and control the system or interrupt services.

Marshaling, Unmarshaling

Sunnet eHRD has broken access control vulnerability, which

CVE-2021-43359 8.8 - High - December 01, 2021

Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access account management page after being authenticated as a general user, then perform privilege escalation to execute arbitrary code and control the system or interrupt services.

Sunnet eHRD, a human training and development management system, improperly stores system files

CVE-2020-10508 7.5 - High - March 27, 2020

Sunnet eHRD, a human training and development management system, improperly stores system files. Attackers can use a specific URL and capture confidential information.

Information Disclosure

Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers

CVE-2020-10509 6.1 - Medium - March 27, 2020

Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers can inject arbitrary command into the system and launch XSS attack.

XSS

Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control

CVE-2020-10510 6.5 - Medium - March 27, 2020

Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality and data.

Improper Input Validation

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Sun Ehrd or by Sun? Click the Watch button to subscribe.

Sun
Vendor

Sun Ehrd
Product

Sun Ehrd

By the Year

Recent Sun Ehrd Security Vulnerabilities

Sunnet eHRD has inadequate filtering for special characters in URLs, which CVE-2021-43358 7.5 - High - December 01, 2021

Sunnet eHRD e-mail delivery task schedules serialization function has inadequate input object validation and restriction, which CVE-2021-43360 8.8 - High - December 01, 2021

Sunnet eHRD has broken access control vulnerability, which CVE-2021-43359 8.8 - High - December 01, 2021

Sunnet eHRD, a human training and development management system, improperly stores system files CVE-2020-10508 7.5 - High - March 27, 2020

Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers CVE-2020-10509 6.1 - Medium - March 27, 2020

Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control CVE-2020-10510 6.5 - Medium - March 27, 2020