Lucene search
K

79 matches found

EUVD
EUVD
added 2025/10/21 6:49 a.m.4 views

EUVD-2025-35153

EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality...

8.7CVSS6.6AI score0.00428EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.2 views

Digiwin EasyFlow .NET 访问控制错误漏洞

Digiwin EasyFlow .NET is an enterprise-class workflow management WFM platform from Digiwin. NET suffers from an access control error vulnerability that stems from a lack of authentication, which could allow an unauthenticated remote attacker to obtain database administrator credentials...

8.7CVSS6.9AI score0.00428EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-48262

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00599EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-44461

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00793EPSS
Exploits0References2
OSV
OSV
added 2024/08/02 11:16 a.m.2 views

CVE-2024-7323

Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...

6.5CVSS5.9AI score0.00599EPSS
Exploits0References2
NVD
NVD
added 2024/08/02 11:16 a.m.31 views

CVE-2024-7323

Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...

6.5CVSS0.00599EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/02 10:36 a.m.22 views

CVE-2024-7323 Digiwin EasyFlow .NET - Arbitrary File Download

Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...

6.5CVSS0.00599EPSS
Exploits0References2
CVE
CVE
added 2024/08/02 10:36 a.m.37 views

CVE-2024-7323

CVE-2024-7323 affects Digiwin EasyFlow .NET, describing a lack of proper access control for a specific feature and inadequate input filtering. The vulnerability enables a remote attacker with regular privileges to download arbitrary files from the remote server. Documented metrics show CVSS v3.1 ...

6.5CVSS6.6AI score0.00599EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/02 10:36 a.m.34 views

CVE-2024-7323 Digiwin EasyFlow .NET - Arbitrary File Download

Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server...

6.5CVSS7.1AI score0.00599EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/02 12:0 a.m.3 views

PT-2024-38267 · Digiwin · Digiwin Easyflow .Net

Name of the Vulnerable Software and Affected Versions: Digiwin EasyFlow .NET affected versions not specified Description: The issue concerns a lack of proper access control for specific functionality and inadequate filtering of user input. This can be exploited by a remote attacker with regular...

6.5CVSS7.1AI score0.00599EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/08/02 12:0 a.m.4 views

Digiwin EasyFlow .NET 安全漏洞

NET is an enterprise-class workflow management platform from Digiwin. A security vulnerability exists in Digiwin EasyFlow .NET due to a lack of proper access control to a specific feature and the feature does not adequately filter user input, which can be exploited by a remote attacker with regul...

6.5CVSS6.8AI score0.00599EPSS
Exploits0References3
NVD
NVD
added 2024/06/03 7:15 a.m.15 views

CVE-2024-5311

DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database records...

9.8CVSS9.9AI score0.00627EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/03 6:26 a.m.11 views

CVE-2024-5311 DigiWin EasyFlow .NET - SQL Injection

DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database records...

9.8CVSS8AI score0.00627EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/03 6:26 a.m.28 views

CVE-2024-5311 DigiWin EasyFlow .NET - SQL Injection

DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database records...

9.8CVSS9.9AI score0.00627EPSS
Exploits0References1
NVD
NVD
added 2024/05/15 3:15 a.m.9 views

CVE-2024-4893

DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system commands...

9.8CVSS9.8AI score0.00793EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/15 2:31 a.m.11 views

CVE-2024-4893 DigiWin EasyFlow .NET - SQL Injection

DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system commands...

9.8CVSS7.8AI score0.00793EPSS
Exploits0References2
CVE
CVE
added 2024/05/15 2:31 a.m.54 views

CVE-2024-4893

CVE-2024-4893 affects DigiWin EasyFlow .NET. The vulnerability is due to insufficient input validation, enabling SQL injection that could let remote attackers read, modify, and delete database records and potentially execute system commands. The issue is described across multiple sources (NVD, CV...

9.8CVSS7.8AI score0.00793EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/15 2:31 a.m.19 views

CVE-2024-4893 DigiWin EasyFlow .NET - SQL Injection

DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system commands...

9.8CVSS9.9AI score0.00793EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.2 views

DigiWin EasyFlow .NET SQL注入漏洞

Digiwin DigiWin EasyFlow .NET is an enterprise-level workflow management WFM platform from Digiwin Software Taiwan, China. NET suffers from a SQL injection vulnerability that stems from a lack of validation of certain input parameters, which could allow a remote attacker to inject arbitrary SQL...

9.8CVSS8AI score0.00793EPSS
Exploits0References3
Rows per page
Query Builder