Filtered by vendor Aenrich
Subscriptions
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-28741 | 1 Aenrich | 1 A\+hrd | 2024-11-21 | 8.1 High |
| aEnrich a+HRD 5.x Learning Management Key Performance Indicator System has a local file inclusion (LFI) vulnerability that occurs due to missing input validation in v5.x | ||||
| CVE-2022-28740 | 1 Aenrich | 1 A\+hrd | 2024-11-21 | 7.5 High |
| aEnrich eHRD Learning Management Key Performance Indicator System 5+ exposes Sensitive Information to an Unauthorized Actor. | ||||
| CVE-2022-26676 | 1 Aenrich | 1 A\+hrd | 2024-11-21 | 9.8 Critical |
| aEnrich a+HRD has inadequate privilege restrictions, an unauthenticated remote attacker can use the API function to upload and execute malicious scripts to control the system or disrupt service. | ||||
| CVE-2022-26675 | 1 Aenrich | 1 A\+hrd | 2024-11-21 | 7.5 High |
| aEnrich a+HRD has inadequate filtering for special characters in URLs. An unauthenticated remote attacker can bypass authentication and perform path traversal attacks to access arbitrary files under website root directory. | ||||