Sun Ehrd
By the Year
In 2023 there have been 0 vulnerabilities in Sun Ehrd . Ehrd did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 3 | 8.37 |
2020 | 3 | 6.70 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Ehrd vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Sun Ehrd Security Vulnerabilities
Sunnet eHRD has inadequate filtering for special characters in URLs, which
CVE-2021-43358
7.5 - High
- December 01, 2021
Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote attacker to perform path traversal attacks without authentication, access restricted paths and download system files.
Directory traversal
Sunnet eHRD e-mail delivery task schedules serialization function has inadequate input object validation and restriction, which
CVE-2021-43360
8.8 - High
- December 01, 2021
Sunnet eHRD e-mail delivery task schedules serialization function has inadequate input object validation and restriction, which allows a post-authenticated remote attacker with database access privilege, to execute arbitrary code and control the system or interrupt services.
Marshaling, Unmarshaling
Sunnet eHRD has broken access control vulnerability, which
CVE-2021-43359
8.8 - High
- December 01, 2021
Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access account management page after being authenticated as a general user, then perform privilege escalation to execute arbitrary code and control the system or interrupt services.
Sunnet eHRD, a human training and development management system, improperly stores system files
CVE-2020-10508
7.5 - High
- March 27, 2020
Sunnet eHRD, a human training and development management system, improperly stores system files. Attackers can use a specific URL and capture confidential information.
Information Disclosure
Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers
CVE-2020-10509
6.1 - Medium
- March 27, 2020
Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers can inject arbitrary command into the system and launch XSS attack.
XSS
Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control
CVE-2020-10510
6.5 - Medium
- March 27, 2020
Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality and data.
Improper Input Validation