| Title | RoadFlow Engine SQL injection vulnerability |
|---|
| Description | A vulnerability was identified in RoadFlow Engine and classified as high severity,This will affect the unknown part of the log query, the operation of the parameters sidx, sord leads to sql injection.Official website address:http://www.roadflow.net/.RoadFlow is an ASP.NET CORE rapid development framework with an integrated workflow engine, developed by a technical team engaged in workflow development and implementation for many years. The workflow platform is based on years of experience in the application of workflow in enterprises and institutions. It is a workflow platform in line with national conditions, especially suitable for domestic non-standard, complex and changeable work approval circulation, which can be realized through configuration. All complex business process approvals. With full-browser-compatible visual process designer, form designer, flexible and sophisticated authority management and other advanced design concepts, it is the best basic platform for you to develop large-scale systems such as OA, CRM, and ERP. Since its release, RoadFlow has been recognized and applied by hundreds of companies, including many listed companies and large group companies. It is a stable and efficient, simple but not simple, low-cost but not cheap, rapid development platform with workflow engine as the core. |
|---|
| Source | ⚠️ https://github.com/yangxixx/vulhub/blob/master/activemq/RoadFlow.md |
|---|
| User | sadfsdfsdfsdf (ID 48119) |
|---|
| Submission | 06/06/2023 03:36 (12 months ago) |
|---|
| Moderation | 06/12/2023 16:36 (7 days later) |
|---|
| Status | Duplicate |
|---|
| VulDB Entry | 231230 |
|---|