2 matches found
CVE-2014-2948
SQL injection vulnerability in workflowenginesoa.asmx in Bizagi BPM Suite through 10.4 allows remote authenticated users to execute arbitrary SQL commands via a crafted SOAP request...
Bizagi BPM Suite contains multiple vulnerabilities
Overview Bizagi BPM Suite contains a reflected cross-site scripting vulnerability and a SQL injection vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2014-2947According to Open-Sec consultant Mauricio Urizar, all versions...