Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ehdr_ctms
(Sun\.net)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-10-28 | CVE-2024-10438 | The eHRD CTMS from Sunnet has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to bypass authentication by satisfying specific conditions in order to access certain functionalities. | Ehdr_ctms | 7.5 | ||
| 2024-10-28 | CVE-2024-10439 | The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to access arbitrary files uploaded by any user. | Ehdr_ctms | 7.5 | ||
| 2024-10-28 | CVE-2024-10440 | The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL command to read, modify, and delete database contents. | Ehdr_ctms | 9.8 |