Filtered by vendor Sunnet Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-10438 2 Sun.net, Sunnet 2 Ehdr Ctms, Ehrd Ctms 2024-10-31 7.5 High
The eHRD CTMS from Sunnet has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to bypass authentication by satisfying specific conditions in order to access certain functionalities.
CVE-2024-10439 2 Sun.net, Sunnet 2 Ehdr Ctms, Ehrd Ctms 2024-10-31 5.3 Medium
The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to access arbitrary files uploaded by any user.
CVE-2024-10440 2 Sun.net, Sunnet 2 Ehdr Ctms, Ehrd Ctms 2024-10-31 9.8 Critical
The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL command to read, modify, and delete database contents.