Lucene search
K

47 matches found

NVD
NVD
added 2024/06/03 7:15 a.m.16 views

CVE-2024-5311

DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database records...

9.8CVSS9.9AI score0.00627EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/03 6:26 a.m.11 views

CVE-2024-5311 DigiWin EasyFlow .NET - SQL Injection

DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database records...

9.8CVSS8AI score0.00627EPSS
Exploits0References1
NVD
NVD
added 2024/05/15 3:15 a.m.9 views

CVE-2024-4893

DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system commands...

9.8CVSS9.8AI score0.00793EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/15 2:31 a.m.11 views

CVE-2024-4893 DigiWin EasyFlow .NET - SQL Injection

DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system commands...

9.8CVSS7.8AI score0.00793EPSS
Exploits0References2
CVE
CVE
added 2024/05/15 2:31 a.m.54 views

CVE-2024-4893

CVE-2024-4893 affects DigiWin EasyFlow .NET. The vulnerability is due to insufficient input validation, enabling SQL injection that could let remote attackers read, modify, and delete database records and potentially execute system commands. The issue is described across multiple sources (NVD, CV...

9.8CVSS7.8AI score0.00793EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/15 2:31 a.m.19 views

CVE-2024-4893 DigiWin EasyFlow .NET - SQL Injection

DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system commands...

9.8CVSS9.9AI score0.00793EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.2 views

DigiWin EasyFlow .NET SQL注入漏洞

Digiwin DigiWin EasyFlow .NET is an enterprise-level workflow management WFM platform from Digiwin Software Taiwan, China. NET suffers from a SQL injection vulnerability that stems from a lack of validation of certain input parameters, which could allow a remote attacker to inject arbitrary SQL...

9.8CVSS8AI score0.00793EPSS
Exploits0References3
Rows per page
Query Builder