PT-2025-35341 · Sunnet · Corporate Training Management System

Published

2025-08-30

·

Updated

2025-08-30

·

CVE-2025-54946

Report an issue
CVSS v4.0
9.3
VectorAV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions:

SUNNET Corporate Training Management System versions prior to 10.11

Description:

A SQL injection flaw exists in SUNNET Corporate Training Management System. This issue allows remote attackers to execute arbitrary SQL commands.

Recommendations:

Update SUNNET Corporate Training Management System to version 10.11 or later.

Fix

SQL injection

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2025-54946

Affected Products

Corporate Training Management System