EUVD-2023-43886

Malicious code in bioql PyPI...

Corezoid Process Engine 安全漏洞

Corezoid Process Engine is an application from Corezoid, Inc. helps companies build, manage, host and run processes in the cloud. A security vulnerability exists in Corezoid Process Engine version 6.6.0, which stems from the presence of an open redirection in the redirecturi parameter in the OAut...

Malicious code in in-process-engine (npm)

The package in-process-engine was found to contain malicious code...

MAL-2025-23101 Malicious code in in-process-engine (npm)

The package in-process-engine was found to contain malicious code...

Security Bulletin: Apache Axis1 CVE-2023-51441 security vulnerability in FileNet Content Manager, Process Engine Process Orchestration

Summary Apache Axis1 CVE-2023-51441 security vulnerability in FileNet Content Manager, Process Engine Process Orchestration. Affected, not vulnerable Vulnerability Details CVEID:CVE-2023-51441 DESCRIPTION: Apache Axis is vulnerable to server-side request forgery, caused by a improper input...

CVE-2024-27592

Open Redirect vulnerability in Corezoid Process Engine v6.5.0 allows attackers to redirect to arbitrary websites via appending a crafted link to /login/ in the login page URL...

CVE-2023-3208

A vulnerability, which was classified as critical, has been found in RoadFlow Visual Process Engine .NET Core Mvc 2.13.3. Affected by this issue is some unknown functionality of the file /Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05=tab0B73635494734D66B9C015CAC149EB05 of the component...

CVE-2024-27592

Open Redirect vulnerability in Corezoid Process Engine v6.5.0 allows attackers to redirect to arbitrary websites via appending a crafted link to /login/ in the login page URL...

CVE-2024-27592

Open Redirect vulnerability in Corezoid Process Engine v6.5.0 allows attackers to redirect to arbitrary websites via appending a crafted link to /login/ in the login page URL...

CVE-2024-27592

Open Redirect vulnerability CVE-2024-27592 affects Corezoid Process Engine v6.5.0. Multiple sources (NVD/Red Hat/CNNVD/CVE list) describe attackers being able to redirect users to arbitrary websites by appending a crafted link to the /login/ URL on the login page. The root cause is an open redire...

CVE-2024-27592

Open Redirect vulnerability in Corezoid Process Engine v6.5.0 allows attackers to redirect to arbitrary websites via appending a crafted link to /login/ in the login page URL...

CVE-2024-27592

Open Redirect vulnerability in Corezoid Process Engine v6.5.0 allows attackers to redirect to arbitrary websites via appending a crafted link to /login/ in the login page URL...

PT-2024-21959 · Unknown · Corezoid Process Engine

Name of the Vulnerable Software and Affected Versions: Corezoid Process Engine version 6.5.0 Description: The issue allows attackers to redirect users to arbitrary websites by appending a crafted link to the /login/ endpoint in the login page URL. This can be exploited by adding a malicious link ...

CVE-2023-3208

A vulnerability, which was classified as critical, has been found in RoadFlow Visual Process Engine .NET Core Mvc 2.13.3. Affected by this issue is some unknown functionality of the file /Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab0B73635494734D66B9C015CAC149EB05 of the compone...

CVE-2023-3208

A vulnerability, which was classified as critical, has been found in RoadFlow Visual Process Engine .NET Core Mvc 2.13.3. Affected by this issue is some unknown functionality of the file /Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab0B73635494734D66B9C015CAC149EB05 of the compone...

Sql injection

A vulnerability, which was classified as critical, has been found in RoadFlow Visual Process Engine .NET Core Mvc 2.13.3. Affected by this issue is some unknown functionality of the file /Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab0B73635494734D66B9C015CAC149EB05 of the compone...

CVE-2023-3208 RoadFlow Visual Process Engine .NET Core Mvc Login sql injection

A vulnerability, which was classified as critical, has been found in RoadFlow Visual Process Engine .NET Core Mvc 2.13.3. Affected by this issue is some unknown functionality of the file /Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab0B73635494734D66B9C015CAC149EB05 of the compone...

CVE-2023-3208

CVE-2023-3208 affects RoadFlow Visual Process Engine .NET Core MVC 2.13.3. The issue is in the Login component, where manipulation of the sidx/sord arguments in the endpoint "/Log/Query?appid=..." leads to a SQL injection. The vulnerability is exploitable remotely, and public exploits have been d...

PT-2023-23591 · Unknown · Roadflow Visual Process Engine

Name of the Vulnerable Software and Affected Versions: RoadFlow Visual Process Engine .NET Core Mvc version 2.13.3 Description: A critical issue has been found in the Login component of the affected software, specifically in the file "/Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=ta...

UFLO 代码注入漏洞

UFLO is a pure Java process engine based on Spring that supports various flow methods such as parallel, dynamic parallel, serial, and countersign. A code injection vulnerability exists in UFLO uflo-core, which stems from incorrect user authentication...