This page lists publicly disclosed CVE vulnerabilities affecting digiwin easyflow_.net (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-5964 | EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. | [email protected] | 9.3 | 0.08% | 2026-04-20 | 2026-05-12 |
| CVE-2026-5963 | EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. | [email protected] | 9.3 | 0.08% | 2026-04-20 | 2026-05-12 |
| CVE-2024-7323 | Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server . | [email protected] | 6.5 | 0.36% | 2024-08-02 | 2024-09-11 |