47 matches found
CVE-2024-5311
DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database records...
CVE-2024-5311 DigiWin EasyFlow .NET - SQL Injection
DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database records...
CVE-2024-4893
DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system commands...
CVE-2024-4893 DigiWin EasyFlow .NET - SQL Injection
DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system commands...
CVE-2024-4893
CVE-2024-4893 affects DigiWin EasyFlow .NET. The vulnerability is due to insufficient input validation, enabling SQL injection that could let remote attackers read, modify, and delete database records and potentially execute system commands. The issue is described across multiple sources (NVD, CV...
CVE-2024-4893 DigiWin EasyFlow .NET - SQL Injection
DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system commands...
DigiWin EasyFlow .NET SQL注入漏洞
Digiwin DigiWin EasyFlow .NET is an enterprise-level workflow management WFM platform from Digiwin Software Taiwan, China. NET suffers from a SQL injection vulnerability that stems from a lack of validation of certain input parameters, which could allow a remote attacker to inject arbitrary SQL...