CVE-2024-8778

CVE-2024-8778 concerns OMFLOW by The SYSCOM Group. The Connected documents specify that the vulnerability arises from improper validation of user input in the download functionality, enabling remote attackers with regular privileges to read arbitrary system files. Affected product is OMFLOW; impa...

CVE-2024-8779

The CVE-2024-8779 entry concerns OMFLOW by The SYSCOM Group, where access to system settings modification is not properly restricted. The vulnerability allows remote attackers with regular privileges to update system settings or create administrator accounts, potentially gaining full control of t...

CVE-2024-8777

CVE-2024-8777 concerns OMFLOW from The SYSCOM Group, where an information leakage vulnerability could allow unauthorized remote attackers to read arbitrary system configurations. The issue may be exposed via network access with low attack complexity and no privileges required, with the impact on ...

CVE-2024-8780

The CVE-2024-8780 issue affects OMFLOW from The SYSCOM Group, where the data query function does not properly restrict the query range. This root cause allows remote attackers with regular privileges (network access, low privilege) to obtain accounts and password hashes of other users, as stated ...