Lucene search
K

76 matches found

Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.6 views

PT-2026-7234

Name of the Vulnerable Software and Affected Versions Docpedia affected versions not specified Description Docpedia, developed by Flowring, exhibits a SQL Injection issue. This allows attackers who do not need to log in to inject and execute arbitrary SQL commands, potentially leading to...

8.7CVSS6.1AI score0.00462EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.7 views

PT-2026-7238

AgentFlow developed by Flowring has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...

6.1CVSS6AI score0.00201EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.6 views

PT-2026-7235

Name of the Vulnerable Software and Affected Versions Docpedia affected versions not specified Description Docpedia developed by Flowring has a SQL Injection issue. Authenticated remote attackers can inject arbitrary SQL commands, potentially allowing them to read, modify, and delete database...

8.8CVSS6.1AI score0.00319EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.5 views

Flowring Agentflow 跨站脚本漏洞

Flowring Agentflow is an intelligent process automation RPA platform developed by Flowring Corporation in China. Flowring Agentflow has a cross-site scripting vulnerability, which stems from reflective cross-site scripting. This vulnerability could allow unverified remote attackers to execute...

6.1CVSS5.7AI score0.00201EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.5 views

PT-2026-7237

Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

8.8CVSS6.5AI score0.00437EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.7 views

PT-2026-7236

Name of the Vulnerable Software and Affected Versions Agentflow versions affected versions not specified Description Agentflow, developed by Flowring, exhibits an authentication bypass condition. Unauthenticated remote attackers can exploit a specific functionality to obtain arbitrary user...

9.8CVSS5.7AI score0.00507EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.5 views

Flowring Docpedia SQL注入漏洞

Flowring Docpedia is a document management system developed by Flowring Corporation. Flowring Docpedia has a SQL injection vulnerability. This vulnerability allows authenticated remote attackers to inject arbitrary SQL commands, potentially leading to the reading, modification, or deletion of...

8.8CVSS6AI score0.00319EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.6 views

Flowring Agentflow 安全漏洞

Flowring Agentflow is an intelligent process automation RPA platform developed by Flowring Corporation in China. Flowring Agentflow has a security vulnerability that stems from the lack of authentication. This vulnerability could allow unverified remote attackers to read, modify, and delete...

9.8CVSS5.8AI score0.00519EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.6 views

Flowring Docpedia SQL注入漏洞

Flowring Docpedia is a document management system developed by Flowring Corporation in China. Flowring Docpedia has a SQL injection vulnerability. This vulnerability arises from unvalidated remote attacks, allowing attackers to inject arbitrary SQL commands, potentially leading to the reading of...

8.7CVSS6AI score0.00462EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.7 views

Flowring Agentflow 跨站脚本漏洞

Flowring Agentflow is an intelligent process automation RPA platform developed by Flowring Corporation in China. Flowring Agentflow has a cross-site scripting vulnerability. This vulnerability stems from stored-xss scripts, which may allow authenticated remote attackers to inject persistent...

5.4CVSS5.7AI score0.00165EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.6 views

Flowring Agentflow 安全漏洞

Flowring Agentflow is an intelligent process automation RPA platform developed by Flowring Corporation in China. There is a security vulnerability in Flowring Agentflow, which stems from an authentication bypass mechanism. This vulnerability could allow unverified remote attackers to obtain...

9.8CVSS6AI score0.00507EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.8 views

Flowring Agentflow 代码问题漏洞

Flowring Agentflow is an intelligent process automation RPA platform developed by Flowring Corporation in China. There are code-related vulnerabilities in Flowring Agentflow. These vulnerabilities stem from arbitrary file uploads, which may allow authenticated remote attackers to upload and execu...

8.8CVSS6.3AI score0.00437EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/18 4:45 a.m.5 views

CVE-2025-11898

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS7.2AI score0.00752EPSS
Exploits0References1
NVD
NVD
added 2025/10/17 4:16 a.m.4 views

CVE-2025-11898

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS0.00752EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/17 3:44 a.m.4 views

CVE-2025-11899 Flowring Technology|Agentflow - Use of Hard-coded Cryptographic Key

Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...

9.2CVSS6.8AI score0.00615EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/17 3:44 a.m.19 views

CVE-2025-11899 Flowring Technology|Agentflow - Use of Hard-coded Cryptographic Key

Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...

9.2CVSS0.00615EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/17 3:44 a.m.5 views

EUVD-2025-34859

Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...

9.2CVSS6.6AI score0.00615EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/17 3:41 a.m.3 views

EUVD-2025-34860

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS6.8AI score0.00752EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/17 3:41 a.m.2 views

CVE-2025-11898 Flowring Technology|Agentflow - Arbitrary File Reading through Path Traversal

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS6.9AI score0.00752EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/17 3:41 a.m.8 views

CVE-2025-11898 Flowring Technology|Agentflow - Arbitrary File Reading through Path Traversal

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS0.00752EPSS
Exploits0References2
Rows per page
Query Builder