Vulnerabilities > Fortra > Filecatalyst Workflow > 5.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-25 | CVE-2024-5276 | SQL Injection vulnerability in Fortra Filecatalyst Workflow A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. | 9.1 |
| 2024-03-13 | CVE-2024-25153 | Exposure of Resource to Wrong Sphere vulnerability in Fortra Filecatalyst Workflow A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. | 9.8 |