Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-10438 | 1 Sun.net | 1 Ehdr Ctms | 2024-10-31 | N/A | 7.5 HIGH |
| The eHRD CTMS from Sunnet has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to bypass authentication by satisfying specific conditions in order to access certain functionalities. | |||||
| CVE-2024-10439 | 1 Sun.net | 1 Ehdr Ctms | 2024-10-31 | N/A | 7.5 HIGH |
| The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to access arbitrary files uploaded by any user. | |||||
| CVE-2024-10440 | 1 Sun.net | 1 Ehdr Ctms | 2024-10-31 | N/A | 9.8 CRITICAL |
| The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL command to read, modify, and delete database contents. | |||||