44 matches found
CVE-2026-5964 Digiwin|EasyFlow .NET - SQL Injection
EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2026-5963
The CVE-2026-5963 entry concerns EasyFlow .NET from Digiwin with a SQL Injection vulnerability. The issue allows unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. According to the connected sources, the affected product is EasyFlow .N...
CVE-2026-5963 Digiwin|EasyFlow .NET - SQL Injection
EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2026-5963 Digiwin|EasyFlow .NET - SQL Injection
EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
PT-2026-33725
Name of the Vulnerable Software and Affected Versions EasyFlow .NET affected versions not specified Description EasyFlow .NET developed by Digiwin contains a SQL Injection flaw. This allows unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database...
Digiwin EasyFlow .NET 安全漏洞
Digiwin EasyFlow .NET is an enterprise-level Workflow Management platform developed by Digiwin in Taiwan, China. There is a security vulnerability in Digiwin EasyFlow .NET, which stems from SQL injection attacks. This vulnerability could allow unverified remote attackers to inject arbitrary SQL...
Digiwin EasyFlow .NET 安全漏洞
Digiwin EasyFlow .NET is an enterprise-level Workflow Management platform developed by Digiwin in Taiwan, China. There is a security vulnerability in Digiwin EasyFlow .NET, which stems from SQL injection attacks. This vulnerability could allow unverified remote attackers to inject arbitrary SQL...
CVE-2025-13164
EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext credentials of AD and system mail from the system frontend...
CVE-2025-13165
CVE-2025-13165 concerns Digiwin EasyFlow GP. The vulnerability is a Denial of Service via unauthenticated remote requests that can crash or deny the web service. The initial records attribute a high impact (availability) with network access and no privileges required, but exploitation details are...
CVE-2025-13165 Digiwin|EasyFlow GP - Denial of service
EasyFlow GP developed by Digiwin has a Denial of service vulnerability, allowing unauthenticated remote attackers to send specific requests that result in denial of web service...
CVE-2025-13165 Digiwin|EasyFlow GP - Denial of service
EasyFlow GP developed by Digiwin has a Denial of service vulnerability, allowing unauthenticated remote attackers to send specific requests that result in denial of web service...
CVE-2025-13164 Digiwin|EasyFlow GP - Insufficiently Protected Credentials
EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext credentials of AD and system mail from the system frontend...
CVE-2025-13164
EasyFlow GP from Digiwin has an Insufficiently Protected Credentials vulnerability that could let privileged remote attackers obtain plaintext credentials for Active Directory and system mail from the system frontend. The CVE entry notes impact to confidentiality (C) with high severity per CVSS d...
CVE-2025-13164 Digiwin|EasyFlow GP - Insufficiently Protected Credentials
EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext credentials of AD and system mail from the system frontend...
CVE-2025-13163 Digiwin|EasyFlow GP - Insufficiently Protected Credentials
EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext database account credentials from the system frontend...
CVE-2025-13163 Digiwin|EasyFlow GP - Insufficiently Protected Credentials
EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext database account credentials from the system frontend...
CVE-2025-13163
CVE-2025-13163 affects EasyFlow GP by Digiwin. The issue is insufficient protection of credentials in the system frontend, enabling privileged remote attackers to obtain plaintext database credentials. Impact is high on confidentiality per the CVSS metrics; exploitation details and a concrete fix...
Digiwin EasyFlow GP 安全漏洞
Digiwin EasyFlow GP is an enterprise process management system from Digiwin Taiwan, China. A security vulnerability exists in Digiwin EasyFlow GP, which stems from insufficient credential protection and could allow a privileged remote attacker to gain access to AD and system mail plaintext...
Digiwin EasyFlow GP 安全漏洞
Digiwin EasyFlow GP is an enterprise process management system from Digiwin Taiwan, China. A security vulnerability exists in Digiwin EasyFlow GP, which stems from insufficient credential protection and could allow a privileged remote attacker to gain access to plaintext database credentials...
Digiwin EasyFlow GP 安全漏洞
Digiwin EasyFlow GP is an enterprise process management system from Digiwin Taiwan, China. A security vulnerability exists in Digiwin EasyFlow GP, which can be exploited by an unauthenticated, remote attacker to send a specific request that could result in a denial of service...