Lucene search
+L

47 matches found

CNNVD
CNNVD
added 2025/11/17 12:0 a.m.6 views

Digiwin EasyFlow GP 安全漏洞

Digiwin EasyFlow GP is an enterprise process management system from Digiwin Taiwan, China. A security vulnerability exists in Digiwin EasyFlow GP, which can be exploited by an unauthenticated, remote attacker to send a specific request that could result in a denial of service...

8.7CVSS6.7AI score0.00403EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/17 12:0 a.m.4 views

Digiwin EasyFlow GP 安全漏洞

Digiwin EasyFlow GP is an enterprise process management system from Digiwin Taiwan, China. A security vulnerability exists in Digiwin EasyFlow GP, which stems from insufficient credential protection and could allow a privileged remote attacker to gain access to plaintext database credentials...

6.9CVSS6.9AI score0.00326EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/17 12:0 a.m.5 views

Digiwin EasyFlow GP 安全漏洞

Digiwin EasyFlow GP is an enterprise process management system from Digiwin Taiwan, China. A security vulnerability exists in Digiwin EasyFlow GP, which stems from insufficient credential protection and could allow a privileged remote attacker to gain access to AD and system mail plaintext...

6.9CVSS6.9AI score0.00326EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/04 7:5 a.m.5 views

CVE-2025-12503

EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS8.1AI score0.00317EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/03 6:51 a.m.9 views

CVE-2025-12503 Digiwin|EasyFlow .NET and EasyFlow AiNet

EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS0.00317EPSS
Exploits0References2
CVE
CVE
added 2025/11/03 6:51 a.m.16 views

CVE-2025-12503

CVE-2025-12503 describes a SQL Injection vulnerability in Digiwin EasyFlow .NET and EasyFlow AiNet. Affected: EasyFlow .NET and EasyFlow AiNet by Digiwin. Impact: authenticated remote attackers can inject SQL and read database contents. Root cause/details of vulnerable component/version are not s...

7.1CVSS7.7AI score0.00317EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/03 6:51 a.m.2 views

CVE-2025-12503 Digiwin|EasyFlow .NET and EasyFlow AiNet

EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS7.7AI score0.00317EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/03 12:0 a.m.6 views

Digiwin EasyFlow .NET和Digiwin EasyFlow AiNet SQL注入漏洞

Digiwin EasyFlow .NET and Digiwin EasyFlow AiNet are both products of China's Digiwin Corporation, Digiwin EasyFlow . AiNet is a business process automation platform. NET and Digiwin EasyFlow AiNet have a SQL injection vulnerability that originates from a vulnerability that could allow an...

7.1CVSS7.9AI score0.00317EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/21 6:49 a.m.2 views

CVE-2025-11949 Digiwin|EasyFlow .NET and EasyFlow AiNet - Missing Authentication

EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality...

8.7CVSS6.7AI score0.00423EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/21 6:49 a.m.11 views

CVE-2025-11949 Digiwin|EasyFlow .NET and EasyFlow AiNet - Missing Authentication

EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality...

8.7CVSS0.00423EPSS
Exploits0References2
CVE
CVE
added 2025/10/21 6:49 a.m.16 views

CVE-2025-11949

EasyFlow .NET and EasyFlow AiNet (Digiwin) are affected by a Missing Authentication vulnerability. Unauthenticated remote attackers may obtain database administrator credentials via a specific functionality. CVSS data in the initial entry indicates a high-severity risk (3.1: 7.5, 4.0: 8.7). Affec...

8.7CVSS6.7AI score0.00423EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.7 views

Digiwin EasyFlow .NET 访问控制错误漏洞

Digiwin EasyFlow .NET is an enterprise-class workflow management WFM platform from Digiwin. NET suffers from an access control error vulnerability that stems from a lack of authentication, which could allow an unauthenticated remote attacker to obtain database administrator credentials...

8.7CVSS6.9AI score0.00423EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-48262

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00599EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-44461

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00793EPSS
Exploits0References2
NVD
NVD
added 2024/08/02 11:16 a.m.32 views

CVE-2024-7323

Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...

6.5CVSS0.00599EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/02 10:36 a.m.35 views

CVE-2024-7323 Digiwin EasyFlow .NET - Arbitrary File Download

Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...

6.5CVSS7.1AI score0.00599EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/02 10:36 a.m.26 views

CVE-2024-7323 Digiwin EasyFlow .NET - Arbitrary File Download

Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...

6.5CVSS0.00599EPSS
Exploits0References2
CVE
CVE
added 2024/08/02 10:36 a.m.40 views

CVE-2024-7323

CVE-2024-7323 affects Digiwin EasyFlow .NET, describing a lack of proper access control for a specific feature and inadequate input filtering. The vulnerability enables a remote attacker with regular privileges to download arbitrary files from the remote server. Documented metrics show CVSS v3.1 ...

6.5CVSS6.6AI score0.00599EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/02 12:0 a.m.5 views

PT-2024-38267 · Digiwin · Digiwin Easyflow .Net

Name of the Vulnerable Software and Affected Versions: Digiwin EasyFlow .NET affected versions not specified Description: The issue concerns a lack of proper access control for specific functionality and inadequate filtering of user input. This can be exploited by a remote attacker with regular...

6.5CVSS7.1AI score0.00599EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/08/02 12:0 a.m.5 views

Digiwin EasyFlow .NET 安全漏洞

NET is an enterprise-class workflow management platform from Digiwin. A security vulnerability exists in Digiwin EasyFlow .NET due to a lack of proper access control to a specific feature and the feature does not adequately filter user input, which can be exploited by a remote attacker with regul...

6.5CVSS6.8AI score0.00599EPSS
Exploits0References3
Rows per page
Query Builder