47 matches found
Digiwin EasyFlow GP 安全漏洞
Digiwin EasyFlow GP is an enterprise process management system from Digiwin Taiwan, China. A security vulnerability exists in Digiwin EasyFlow GP, which can be exploited by an unauthenticated, remote attacker to send a specific request that could result in a denial of service...
Digiwin EasyFlow GP 安全漏洞
Digiwin EasyFlow GP is an enterprise process management system from Digiwin Taiwan, China. A security vulnerability exists in Digiwin EasyFlow GP, which stems from insufficient credential protection and could allow a privileged remote attacker to gain access to plaintext database credentials...
Digiwin EasyFlow GP 安全漏洞
Digiwin EasyFlow GP is an enterprise process management system from Digiwin Taiwan, China. A security vulnerability exists in Digiwin EasyFlow GP, which stems from insufficient credential protection and could allow a privileged remote attacker to gain access to AD and system mail plaintext...
CVE-2025-12503
EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-12503 Digiwin|EasyFlow .NET and EasyFlow AiNet
EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-12503
CVE-2025-12503 describes a SQL Injection vulnerability in Digiwin EasyFlow .NET and EasyFlow AiNet. Affected: EasyFlow .NET and EasyFlow AiNet by Digiwin. Impact: authenticated remote attackers can inject SQL and read database contents. Root cause/details of vulnerable component/version are not s...
CVE-2025-12503 Digiwin|EasyFlow .NET and EasyFlow AiNet
EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
Digiwin EasyFlow .NET和Digiwin EasyFlow AiNet SQL注入漏洞
Digiwin EasyFlow .NET and Digiwin EasyFlow AiNet are both products of China's Digiwin Corporation, Digiwin EasyFlow . AiNet is a business process automation platform. NET and Digiwin EasyFlow AiNet have a SQL injection vulnerability that originates from a vulnerability that could allow an...
CVE-2025-11949 Digiwin|EasyFlow .NET and EasyFlow AiNet - Missing Authentication
EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality...
CVE-2025-11949 Digiwin|EasyFlow .NET and EasyFlow AiNet - Missing Authentication
EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality...
CVE-2025-11949
EasyFlow .NET and EasyFlow AiNet (Digiwin) are affected by a Missing Authentication vulnerability. Unauthenticated remote attackers may obtain database administrator credentials via a specific functionality. CVSS data in the initial entry indicates a high-severity risk (3.1: 7.5, 4.0: 8.7). Affec...
Digiwin EasyFlow .NET 访问控制错误漏洞
Digiwin EasyFlow .NET is an enterprise-class workflow management WFM platform from Digiwin. NET suffers from an access control error vulnerability that stems from a lack of authentication, which could allow an unauthenticated remote attacker to obtain database administrator credentials...
EUVD-2024-48262
Malicious code in bioql PyPI...
EUVD-2024-44461
Malicious code in bioql PyPI...
CVE-2024-7323
Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...
CVE-2024-7323 Digiwin EasyFlow .NET - Arbitrary File Download
Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...
CVE-2024-7323 Digiwin EasyFlow .NET - Arbitrary File Download
Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...
CVE-2024-7323
CVE-2024-7323 affects Digiwin EasyFlow .NET, describing a lack of proper access control for a specific feature and inadequate input filtering. The vulnerability enables a remote attacker with regular privileges to download arbitrary files from the remote server. Documented metrics show CVSS v3.1 ...
PT-2024-38267 · Digiwin · Digiwin Easyflow .Net
Name of the Vulnerable Software and Affected Versions: Digiwin EasyFlow .NET affected versions not specified Description: The issue concerns a lack of proper access control for specific functionality and inadequate filtering of user input. This can be exploited by a remote attacker with regular...
Digiwin EasyFlow .NET 安全漏洞
NET is an enterprise-class workflow management platform from Digiwin. A security vulnerability exists in Digiwin EasyFlow .NET due to a lack of proper access control to a specific feature and the feature does not adequately filter user input, which can be exploited by a remote attacker with regul...