CVE-2024-5311

DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database records. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt