PT-2025-35338 · Unknown · Corporate Training Management System

Published

2025-08-30

Updated

2025-08-30

CVE-2025-54944

Report an issue

CVSS v4.0

6.9

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions:

SUNNET Corporate Training Management System versions prior to 10.11

Description:

An unrestricted file upload issue exists in SUNNET Corporate Training Management System. This allows remote attackers to upload files of dangerous types and potentially write malicious code to a specific file, leading to arbitrary code execution.

Recommendations:

Update SUNNET Corporate Training Management System to version 10.11 or later.

Fix

Unrestricted File Upload

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2025-54944

Affected Products

Corporate Training Management System

PT-2025-35338 · Unknown · Corporate Training Management System

Weakness Enumeration

Related Identifiers

Affected Products

References · 3