Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Sunnet eHRD - Insecure Deserialization
Vulnerability Description
Sunnet eHRD e-mail delivery task schedule’s serialization function has inadequate input object validation and restriction, which allows a post-authenticated remote attacker with database access privilege, to execute arbitrary code and control the system or interrupt services.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
可信数据的反序列化
Vulnerability Title
旭聊科技 Sunnet eHRD 代码问题漏洞
Vulnerability Description
旭聊科技 Sunnet eHRD是中国台湾旭聊科技公司的一套人才管理系统。该系统支持人才管理和绩效管理等。 Sunnet eHRD 存在代码问题漏洞,该漏洞源于Sunnet eHRD的电子邮件发送任务调度的序列化功能没有充分的输入对象验证和限制。攻击者可利用该漏洞执行任意代码并控制系统或中断服务。
CVSS Information
N/A
Vulnerability Type
N/A