Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Digiwin|EasyFlow .NET and EasyFlow AiNet
Vulnerability Description
EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Digiwin EasyFlow .NET和Digiwin EasyFlow AiNet SQL注入漏洞
Vulnerability Description
Digiwin EasyFlow .NET和Digiwin EasyFlow AiNet都是中国鼎新(Digiwin)公司的产品。Digiwin EasyFlow .NET是一款企业级工作流程管理(Workflow Management)平台。Digiwin EasyFlow AiNet是一个业务流程自动化平台。 Digiwin EasyFlow .NET和Digiwin EasyFlow AiNet存在SQL注入漏洞,该漏洞源于允许经过身份验证的远程攻击者注入任意SQL命令,可能导致读取数据库内容。
CVSS Information
N/A
Vulnerability Type
N/A