http://www.nsfocus.net/vulndb/73064 WebFlowring Technology Flowring Technology Agentflow BPM. 描述:. CVE (CAN) ID: CVE-2024-39036. Flowring Technology Agentflow BPM是中国华苓科技(Flowring Technology)公司的一个企业流程管理系统。. Flowring Technology Agentflow BPM存在输入验证错误漏洞,该漏洞源于其文件上传功能未对URL中的特殊 ...
Agentflow Portal - bpm.elka.com.tw
WebFlowring Technology Agentflow BPM是中国华苓科技(Flowring Technology)公司的一个企业流程管理系统。 Flowring Technology Agentflow BPM 存在代码问题漏洞,该 … http://bpm.synnex-grp.com/WebAgenda/ApplyItemAction.do?currentFuncId=0&selected=1&firstIn=1 ray-101-3.0 10 ck0610
无胁科技-TVD每日漏洞情报-2024-11-14 - 简书
WebNov 15, 2024 · CVE-2024-39036 is a disclosure identifier tied to a security vulnerability with the following details. The file upload function of Agentflow BPM has insufficient filtering for special characters in URLs. An unauthenticated remote attacker can exploit this vulnerability to upload arbitrary file and execute arbitrary code to manipulate system or disrupt service. WebWho is Flowring Technology. Flowring devotes itself to provide Business Process Management (BPM) software solution that helps enterprises build process-oriented information system since it s establishment in February 1999. From the development of BPMS platform to technical consultancy, our services stretch across different fields to … WebAgentflow BPM enterprise management system has improper authentication. A remote attacker with general user privilege can change the name of the user account to acquire arbitrary account privilege, and access, manipulate system or disrupt service. 2 CVE-2024-39037: 22: Dir. Trav. Bypass 2024-11-10: 2024-11-15 raxz records