Approved changes feed: RSS · Atom

cpe:2.3:a:digiwin:easyflow_.net:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorDigiwin (18dbde5d-3a25-581d-bda3-d32fc7ff848a)
ProductEasyflow .Net (dc340786-5216-525b-abe6-582fe66a5375)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-5964 vulnerable 2026-06-08 08:07:04.316361 Digiwin|EasyFlow .NET - SQL Injection
CRITICAL (9.8)
EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
Published: 2026-04-20T07:36:58.476Z
Updated: 2026-04-20T13:38:08.600Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-5963 vulnerable 2026-06-08 08:07:04.311007 Digiwin|EasyFlow .NET - SQL Injection
CRITICAL (9.8)
EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
Published: 2026-04-20T07:32:20.443Z
Updated: 2026-04-20T13:42:03.062Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-12503 vulnerable 2026-06-08 07:04:30.336334 Digiwin|EasyFlow .NET and EasyFlow AiNet
MEDIUM (6.5)
EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.
Published: 2025-11-03T06:51:55.994Z
Updated: 2025-11-03T13:48:19.281Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-11949 vulnerable 2026-06-08 07:04:29.455786 Digiwin|EasyFlow .NET and EasyFlow AiNet - Missing Authentication
HIGH (7.5)
EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality.
Published: 2025-10-21T06:49:56.119Z
Updated: 2025-10-21T14:08:23.554Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-7323 vulnerable 2026-06-08 06:58:21.888096 Digiwin EasyFlow .NET - Arbitrary File Download
MEDIUM (6.5)
Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server .
Published: 2024-08-02T10:36:51.855Z
Updated: 2024-08-02T14:02:20.958Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-5311 vulnerable 2026-06-08 06:56:15.487560 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-4893 vulnerable 2026-06-08 06:50:18.974113 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.