CVE-2025-13163

EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext database account credentials from the system frontend...

CVE-2025-13163

EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext database account credentials from the system frontend...

EUVD-2025-197770

EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext database account credentials from the system frontend...

PT-2025-47125

Name of the Vulnerable Software and Affected Versions EasyFlow GP affected versions not specified Description EasyFlow GP developed by Digiwin has an issue where privileged remote attackers can obtain plaintext credentials for Active Directory AD and system mail from the system frontend. The issu...

SUSE CVE-2017-15864

In the Agent Frontend in Open Ticket Request System OTRS 3.3.x through 3.3.18, with a crafted URL it is possible to gain information like database user and password...

SQL injection vulnerability in the sl***.aspx page of the Bid frontend of Qixing bidding system Bid (CNVD-2019-06238)

Qixing Bidding System Bid is a system suitable for enterprises to collect information on bidding information of government procurement, engineering construction, land grant, etc., and to track the progress of works and payment of successful projects. A SQL injection vulnerability exists in the...