| TVN ID | TVN-202504007 |
|---|---|
| CVE ID | CVE-2025-3707 |
| CVSS | 6.5(medium) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| Affected Products | eHRD CTMS version 10.13 and earlier |
| Description | The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL command to read database contents. |
| Solution | Contact the vendor to obtain the patch |
| Credit | Vtim(DEVCORE) |
| Public Date | 2025-04-30 |
:::