Lucene search
K

126 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-35528

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01321EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-44461

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00793EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-35529

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00676EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-7993

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00431EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-48262

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00599EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.17 views

EUVD-2025-22057

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00516EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/23 7:3 a.m.14 views

CVE-2025-7344

The EAI developed by Digiwin has a Privilege Escalation vulnerability, allowing remote attackers with regular privileges to elevate their privileges to administrator level via a specific API...

8.8CVSS7.3AI score0.00516EPSS
Exploits0References1
NVD
NVD
added 2025/07/21 7:15 a.m.21 views

CVE-2025-7344

The EAI developed by Digiwin has a Privilege Escalation vulnerability, allowing remote attackers with regular privileges to elevate their privileges to administrator level via a specific API...

8.8CVSS0.00516EPSS
Exploits0References3
NVD
NVD
added 2025/07/21 7:15 a.m.7 views

CVE-2025-7343

The SFT developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS0.00609EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/21 6:55 a.m.5 views

CVE-2025-7344 Digiwin|EAI - Privilege Escalation

The EAI developed by Digiwin has a Privilege Escalation vulnerability, allowing remote attackers with regular privileges to elevate their privileges to administrator level via a specific API...

8.8CVSS6.6AI score0.00516EPSS
Exploits0References3
CVE
CVE
added 2025/07/21 6:55 a.m.21 views

CVE-2025-7344

The CVE-2025-7344 entry concerns Digiwin EAI, a cross-system data exchange/automation platform. A Privilege Escalation flaw allows remote attackers with regular privileges to elevate to administrator via a specific API endpoint. Public documents confirm the vulnerability class and API-based path ...

8.8CVSS6.7AI score0.00516EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/21 6:55 a.m.22 views

CVE-2025-7344 Digiwin|EAI - Privilege Escalation

The EAI developed by Digiwin has a Privilege Escalation vulnerability, allowing remote attackers with regular privileges to elevate their privileges to administrator level via a specific API...

8.8CVSS0.00516EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/21 6:48 a.m.2 views

CVE-2025-7343 Digiwin|SFT - SQL Injection

The SFT developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS7.9AI score0.00609EPSS
Exploits0References3
CVE
CVE
added 2025/07/21 6:48 a.m.26 views

CVE-2025-7343

Summary: CVE-2025-7343 affects Digiwin SFT. The public docs describe a SQL Injection vulnerability that allows unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. No explicit version ranges or root-cause details are provided beyond the ...

9.8CVSS8AI score0.00609EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/21 6:48 a.m.8 views

CVE-2025-7343 Digiwin|SFT - SQL Injection

The SFT developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS0.00609EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/21 12:0 a.m.4 views

Digiwin SFT SQL注入漏洞

Digiwin SFT is a production tracking system from China-based Digiwin. A SQL injection vulnerability exists in Digiwin SFT, which can be exploited by an unauthenticated, remote attacker to inject arbitrary SQL commands that could result in reading, modifying, and deleting database content...

9.8CVSS8.1AI score0.00609EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/21 12:0 a.m.4 views

PT-2025-30239 · Digiwin · Digiwin Eai

Name of the Vulnerable Software and Affected Versions: Digiwin EAI affected versions not specified Description: The EAI developed by Digiwin contains a flaw that allows remote attackers with regular privileges to elevate their privileges to administrator level. This is achieved through a specific...

8.8CVSS6.2AI score0.00516EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/07/21 12:0 a.m.5 views

Digiwin EAI 安全漏洞

Digiwin EAI is a cross-system data exchange and automation platform from China-based Digiwin. A security vulnerability exists in Digiwin EAI that stems from an elevation of privilege issue in a specific API that could allow a remote attacker to elevate privileges to the administrator level...

8.8CVSS7AI score0.00516EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/03/26 7:15 p.m.8 views

CVE-2025-2706

A vulnerability classified as critical was found in Digiwin ERP 5.0.1. Affected by this vulnerability is an unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has...

6.5CVSS7.1AI score0.00294EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/26 4:17 p.m.6 views

CVE-2025-2705

A vulnerability classified as critical has been found in Digiwin ERP 5.1. Affected is the function DoUpload/DoWebUpload of the file /Api/FileUploadApi.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS7.1AI score0.00431EPSS
Exploits0References1
Rows per page
Query Builder