Vulnerabilities > Flowring

DATE CVE VULNERABILITY TITLE RISK
2022-11-10 CVE-2022-39036 Unrestricted Upload of File with Dangerous Type vulnerability in Flowring Agentflow 4.0.0.1183.552
The file upload function of Agentflow BPM has insufficient filtering for special characters in URLs.
network
low complexity
flowring CWE-434
critical
9.8
2022-11-10 CVE-2022-39037 Path Traversal vulnerability in Flowring Agentflow 4.0.0.1183.552
Agentflow BPM file download function has a path traversal vulnerability.
network
low complexity
flowring CWE-22
7.5
2022-11-10 CVE-2022-39038 Improper Authentication vulnerability in Flowring Agentflow 4.0.0.1183.552
Agentflow BPM enterprise management system has improper authentication.
network
low complexity
flowring CWE-287
8.8