All 8 CVE vulnerabilities found in eHRD CTMS, with AI-generated Chinese analysis, references, and POCs.
Vendor: Sunnet
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2025-9570 | Sunnet|eHRD CTMS - Arbitrary File Reading through Path Traversal CWE-23 | 4.9 | Medium | 2025-09-01 |
| CVE-2025-9569 | Sunnet|eHRD CTMS - Reflected Cross-site Scripting CWE-79 | 6.1 | Medium | 2025-09-01 |
| CVE-2025-9568 | Sunnet|eHRD CTMS - Reflected Cross-site Scripting CWE-79 | 6.1 | Medium | 2025-09-01 |
| CVE-2025-9567 | Sunnet|eHRD CTMS - Reflected Cross-site Scripting CWE-79 | 6.1 | Medium | 2025-09-01 |
| CVE-2025-3707 | Sunnet eHRD CTMS - SQL Injection CWE-89 | 6.5 | Medium | 2025-05-02 |
| CVE-2024-10440 | Sunnet eHRD CTMS - SQL Injection CWE-89 | 9.8 | Critical | 2024-10-28 |
| CVE-2024-10439 | Sunnet eHRD CTMS - Insecure Direct Object Reference CWE-639 | 5.3 | Medium | 2024-10-28 |
| CVE-2024-10438 | Sunnet eHRD CTMS - Authentication Bypass CWE-288 | 7.5 | High | 2024-10-28 |
All 8 known CVE vulnerabilities affecting eHRD CTMS with full Chinese analysis, references, and POCs where available.