RSS   Vulnerabilities for
'Business process management suite'   RSS

2014-05-22
 
CVE-2014-2948

CWE-89
 
 
SQL injection vulnerability in workflowenginesoa.asmx in Bizagi BPM Suite through 10.4 allows remote authenticated users to execute arbitrary SQL commands via a crafted SOAP request.

 
 
CVE-2014-2947

 
 
Cross-site scripting (XSS) vulnerability in Login.aspx in Bizagi BPM Suite before 10.3 allows remote attackers to inject arbitrary web script or HTML via the txtUsername parameter.

 

Copyright 2024, cxsecurity.com

 

Back to Top