Approved changes feed: RSS · Atom
cpe:2.3:a:aenrich_technology:a+hrd:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Aenrich Technology (160146ae-341b-5241-8205-bfc10f2f1503) |
|---|---|
| Product | A+Hrd (287c72bb-233c-5b2f-8d5e-eecb6d786cf4) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-0586 |
vulnerable | 2026-06-08 07:02:24.901424 |
aEnrich Technology a+HRD - Insecure Deserialization
HIGH (7.2)
The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote attackers with database modification privileges and regular system privileges to perform arbitrary code execution.
Published: 2025-01-20T02:28:02.503Z
Updated: 2025-02-12T20:41:20.485Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0585 |
vulnerable | 2026-06-08 07:02:24.900921 |
aEnrich Technology a+HRD - SQL Injection
CRITICAL (9.8)
The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
Published: 2025-01-20T02:17:29.155Z
Updated: 2025-01-21T14:39:00.962Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0584 |
vulnerable | 2026-06-08 07:02:24.900394 |
aEnrich Technology a+HRD - Server-Side Request Forgery (SSRF)
MEDIUM (5.3)
The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated remote attackers to exploit this vulnerability to probe internal network.
Published: 2025-01-20T02:06:19.718Z
Updated: 2025-01-21T14:43:40.739Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0583 |
vulnerable | 2026-06-08 07:02:24.898305 |
aEnrich Technology a+HRD - Reflected Cross-site Scripting(XSS)
MEDIUM (6.1)
The a+HRD from aEnrich Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
Published: 2025-01-20T01:51:47.137Z
Updated: 2025-02-12T20:41:20.728Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-3775 |
vulnerable | 2026-06-08 06:43:51.502632 |
aEnrich Technology a+HRD - Argument Injection
MEDIUM (5.3)
aEnrich Technology a+HRD's functionality for downloading files using youtube-dl.exe does not properly restrict user input. This allows attackers to pass arbitrary arguments to youtube-dl.exe, leading to the download of partial unauthorized files.
Published: 2024-04-15T02:41:18.782Z
Updated: 2024-08-01T20:20:01.574Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-3774 |
vulnerable | 2026-06-08 06:43:51.497893 |
aEnrich Technology a+HRD - Exposure of Sensitive Data
MEDIUM (5.3)
aEnrich Technology a+HRD's functionality for front-end retrieval of system configuration values lacks proper restrictions on a specific parameter, allowing attackers to modify this parameter to access certain sensitive system configuration values.
Published: 2024-04-15T02:14:39.724Z
Updated: 2024-10-18T15:44:24.362Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.