Vulnerabilities > Digiwin

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-02	CVE-2024-7323	Path Traversal vulnerability in Digiwin Easyflow .Net Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. network low complexity digiwin CWE-22	6.5
2022-07-20	CVE-2022-32456	SQL Injection vulnerability in Digiwin Business Process Management 5.8.6.1 Digiwin BPM’s function has insufficient validation for user input. network low complexity digiwin CWE-89 critical	9.8
2022-07-20	CVE-2022-32457	Server-Side Request Forgery (SSRF) vulnerability in Digiwin Business Process Management 5.8.6.1 Digiwin BPM has inadequate filtering for URL parameter. network low complexity digiwin CWE-918	5.3
2022-07-20	CVE-2022-32458	XXE vulnerability in Digiwin Business Process Management 5.8.6.1 Digiwin BPM has a XML External Entity Injection (XXE) vulnerability due to insufficient validation for user input. network low complexity digiwin CWE-611	7.5

Vulnerabilities > Digiwin {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Digiwin"}]}