CVE-2025-12503

EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

CVE-2025-12503 Digiwin｜EasyFlow .NET and EasyFlow AiNet

EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

EUVD-2025-37473

EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

CVE-2025-12503

CVE-2025-12503 describes a SQL Injection vulnerability in Digiwin EasyFlow .NET and EasyFlow AiNet. Affected: EasyFlow .NET and EasyFlow AiNet by Digiwin. Impact: authenticated remote attackers can inject SQL and read database contents. Root cause/details of vulnerable component/version are not s...

CVE-2025-12503 Digiwin｜EasyFlow .NET and EasyFlow AiNet

EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

PT-2025-44752

Name of the Vulnerable Software and Affected Versions EasyFlow .NET and EasyFlow AiNet developed by Digiwin affected versions not specified Description EasyFlow .NET and EasyFlow AiNet developed by Digiwin contains a SQL Injection issue. Authenticated remote attackers can inject arbitrary SQL...

Digiwin EasyFlow .NET和Digiwin EasyFlow AiNet SQL注入漏洞

Digiwin EasyFlow .NET and Digiwin EasyFlow AiNet are both products of China's Digiwin Corporation, Digiwin EasyFlow . AiNet is a business process automation platform. NET and Digiwin EasyFlow AiNet have a SQL injection vulnerability that originates from a vulnerability that could allow an...

CVE-2025-11949

EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality...

CVE-2025-11949

EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality...

CVE-2025-11949 Digiwin｜EasyFlow .NET and EasyFlow AiNet - Missing Authentication

EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality...

CVE-2025-11949

EasyFlow .NET and EasyFlow AiNet (Digiwin) are affected by a Missing Authentication vulnerability. Unauthenticated remote attackers may obtain database administrator credentials via a specific functionality. CVSS data in the initial entry indicates a high-severity risk (3.1: 7.5, 4.0: 8.7). Affec...

EUVD-2025-35153

EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality...

CVE-2025-11949 Digiwin｜EasyFlow .NET and EasyFlow AiNet - Missing Authentication

EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality...

Digiwin EasyFlow .NET 访问控制错误漏洞

Digiwin EasyFlow .NET is an enterprise-class workflow management WFM platform from Digiwin. NET suffers from an access control error vulnerability that stems from a lack of authentication, which could allow an unauthenticated remote attacker to obtain database administrator credentials...

EUVD-2024-48262

Malicious code in bioql PyPI...

EUVD-2024-44461

Malicious code in bioql PyPI...

CVE-2024-7323

Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...

CVE-2024-7323

Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...

CVE-2024-7323 Digiwin EasyFlow .NET - Arbitrary File Download

Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...

CVE-2024-7323

CVE-2024-7323 affects Digiwin EasyFlow .NET, describing a lack of proper access control for a specific feature and inadequate input filtering. The vulnerability enables a remote attacker with regular privileges to download arbitrary files from the remote server. Documented metrics show CVSS v3.1 ...