79 matches found
EUVD-2025-35153
EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality...
Digiwin EasyFlow .NET 访问控制错误漏洞
Digiwin EasyFlow .NET is an enterprise-class workflow management WFM platform from Digiwin. NET suffers from an access control error vulnerability that stems from a lack of authentication, which could allow an unauthenticated remote attacker to obtain database administrator credentials...
EUVD-2024-48262
Malicious code in bioql PyPI...
EUVD-2024-44461
Malicious code in bioql PyPI...
CVE-2024-7323
Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...
CVE-2024-7323
Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...
CVE-2024-7323 Digiwin EasyFlow .NET - Arbitrary File Download
Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...
CVE-2024-7323
CVE-2024-7323 affects Digiwin EasyFlow .NET, describing a lack of proper access control for a specific feature and inadequate input filtering. The vulnerability enables a remote attacker with regular privileges to download arbitrary files from the remote server. Documented metrics show CVSS v3.1 ...
CVE-2024-7323 Digiwin EasyFlow .NET - Arbitrary File Download
Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...
PT-2024-38267 · Digiwin · Digiwin Easyflow .Net
Name of the Vulnerable Software and Affected Versions: Digiwin EasyFlow .NET affected versions not specified Description: The issue concerns a lack of proper access control for specific functionality and inadequate filtering of user input. This can be exploited by a remote attacker with regular...
Digiwin EasyFlow .NET 安全漏洞
NET is an enterprise-class workflow management platform from Digiwin. A security vulnerability exists in Digiwin EasyFlow .NET due to a lack of proper access control to a specific feature and the feature does not adequately filter user input, which can be exploited by a remote attacker with regul...
CVE-2024-5311
DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database records...
CVE-2024-5311 DigiWin EasyFlow .NET - SQL Injection
DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database records...
CVE-2024-5311 DigiWin EasyFlow .NET - SQL Injection
DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database records...
CVE-2024-4893
DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system commands...
CVE-2024-4893 DigiWin EasyFlow .NET - SQL Injection
DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system commands...
CVE-2024-4893
CVE-2024-4893 affects DigiWin EasyFlow .NET. The vulnerability is due to insufficient input validation, enabling SQL injection that could let remote attackers read, modify, and delete database records and potentially execute system commands. The issue is described across multiple sources (NVD, CV...
CVE-2024-4893 DigiWin EasyFlow .NET - SQL Injection
DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system commands...
DigiWin EasyFlow .NET SQL注入漏洞
Digiwin DigiWin EasyFlow .NET is an enterprise-level workflow management WFM platform from Digiwin Software Taiwan, China. NET suffers from a SQL injection vulnerability that stems from a lack of validation of certain input parameters, which could allow a remote attacker to inject arbitrary SQL...