20 matches found
CVE-2026-2095
Agentflow developed by Flowring has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain arbitrary user authentication token and log into the system as any user...
CVE-2026-2097
Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2026-2096
Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...
CVE-2026-2099
AgentFlow developed by Flowring has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...
CVE-2026-2098
AgentFlow developed by Flowring has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...
CVE-2026-2097 Flowring|Agentflow - Arbitrary File Upload
Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2026-2096
Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...
CVE-2026-2096 Flowring|Agentflow - Missing Authenticaton
Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...
CVE-2026-2096
PT-2026-3085 documents a new Azure SSO vulnerability in Windows Admin Center that lets a local administrator on a single machine escape the VM and achieve tenant‑wide remote code execution. Affected component: Windows Admin Center’s Azure SSO integration. Exploit path: local admin on one machine ...
Flowring Agentflow 跨站脚本漏洞
Flowring Agentflow is an intelligent process automation RPA platform developed by Flowring Corporation in China. Flowring Agentflow has a cross-site scripting vulnerability, which stems from reflective cross-site scripting. This vulnerability could allow unverified remote attackers to execute...
Flowring Agentflow 安全漏洞
Flowring Agentflow is an intelligent process automation RPA platform developed by Flowring Corporation in China. There is a security vulnerability in Flowring Agentflow, which stems from an authentication bypass mechanism. This vulnerability could allow unverified remote attackers to obtain...
Flowring Agentflow 安全漏洞
Flowring Agentflow is an intelligent process automation RPA platform developed by Flowring Corporation in China. Flowring Agentflow has a security vulnerability that stems from the lack of authentication. This vulnerability could allow unverified remote attackers to read, modify, and delete...
Flowring Agentflow 代码问题漏洞
Flowring Agentflow is an intelligent process automation RPA platform developed by Flowring Corporation in China. There are code-related vulnerabilities in Flowring Agentflow. These vulnerabilities stem from arbitrary file uploads, which may allow authenticated remote attackers to upload and execu...
Flowring Agentflow 跨站脚本漏洞
Flowring Agentflow is an intelligent process automation RPA platform developed by Flowring Corporation in China. Flowring Agentflow has a cross-site scripting vulnerability. This vulnerability stems from stored-xss scripts, which may allow authenticated remote attackers to inject persistent...
CVE-2025-11898
Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...
EUVD-2025-34859
Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...
CVE-2025-11899 Flowring Technology|Agentflow - Use of Hard-coded Cryptographic Key
Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...
CVE-2025-11898 Flowring Technology|Agentflow - Arbitrary File Reading through Path Traversal
Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...
Flowring Agentflow 安全漏洞
Flowring Agentflow is an intelligent process automation RPA platform from Flowring China. A security vulnerability exists in Flowring Agentflow that stems from the use of hard-coded encryption keys, which could allow an unauthenticated remote attacker to generate authentication information using ...
CVE-2022-39037 FLOWRING Agentflow BPM - Path Traversal
Agentflow BPM file download function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...