101 matches found
CVE-2025-11898
Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...
CVE-2025-11899 Flowring Technology|Agentflow - Use of Hard-coded Cryptographic Key
Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...
EUVD-2025-34859
Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...
CVE-2025-11899 Flowring Technology|Agentflow - Use of Hard-coded Cryptographic Key
Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...
CVE-2025-11898
Flowring’s Agentflow is affected by CVE-2025-11898, an Arbitrary File Reading vulnerability exposed via Relative Path Traversal. Unauthenticated remote attackers can download arbitrary system files, highlighting a high confidentiality impact and network-based, low-complexity exploitation (no user...
EUVD-2025-34860
Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...
CVE-2025-11898 Flowring Technology|Agentflow - Arbitrary File Reading through Path Traversal
Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...
CVE-2025-11898 Flowring Technology|Agentflow - Arbitrary File Reading through Path Traversal
Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...
Flowring Agentflow 安全漏洞
Flowring Agentflow is an intelligent process automation RPA platform from Flowring China. A security vulnerability exists in Flowring Agentflow that stems from the use of hard-coded encryption keys, which could allow an unauthenticated remote attacker to generate authentication information using ...
Flowring Agentflow 安全漏洞
Flowring Agentflow is an intelligent process automation RPA platform from Flowring China. A security vulnerability exists in Flowring Agentflow that originates from allowing an unauthenticated, remote attacker to download arbitrary system files using relative path traversal...
EUVD-2022-41582
Malicious code in bioql PyPI...
CVE-2025-3709
Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform password brute force attack...
CVE-2025-3709 Flowring Technology Agentflow - Account Lockout Bypass
Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform password brute force attack...
CVE-2025-3709
CVE-2025-3709 concerns Flowring Technology’s Agentflow (Flowring Agentflow BPM). The vulnerability is an Account Lockout Bypass that enables unauthenticated remote attackers to perform password brute-force attempts. Affected component: Agentflow in Flowring Technology’s BPM product. Root cause: b...
CVE-2025-3709 Flowring Technology Agentflow - Account Lockout Bypass
Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform password brute force attack...
Flowring Technology Agentflow BPM 安全漏洞
Flowring Technology Agentflow BPM is an enterprise process management system from Flowring Technology China. A security vulnerability exists in Flowring Technology Agentflow BPM, which stems from an account lockout bypass vulnerability that could lead to password brute force attack by an...
PT-2025-18748 · Flowring Technology · Agentflow
Name of the Vulnerable Software and Affected Versions: Agentflow from Flowring Technology affected versions not specified Description: The issue allows unauthenticated remote attackers to perform password brute force attacks by bypassing account lockout protection. Recommendations: At the moment,...
CVE-2022-39037
Agentflow BPM file download function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...
CVE-2022-39038
Agentflow BPM enterprise management system has improper authentication. A remote attacker with general user privilege can change the name of the user account to acquire arbitrary account privilege, and access, manipulate system or disrupt service...
CVE-2022-39036
The file upload function of Agentflow BPM has insufficient filtering for special characters in URLs. An unauthenticated remote attacker can exploit this vulnerability to upload arbitrary file and execute arbitrary code to manipulate system or disrupt service...