Skip to main content

Filecatalyst Workflow

4 CVEs product

Monthly

CVE-2024-6633 CRITICAL Act Now

The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Filecatalyst Workflow
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2024-6632 HIGH This Week

A vulnerability exists in FileCatalyst Workflow whereby a field accessible to the super admin can be used to perform an SQL injection attack which can lead to a loss of confidentiality, integrity,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Filecatalyst Workflow
NVD
CVSS 3.1
7.2
EPSS
0.6%
CVE-2024-5276 CRITICAL POC THREAT Act Now

A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Filecatalyst Workflow
NVD
CVSS 3.1
9.1
EPSS
90.1%
CVE-2024-25153 CRITICAL Act Now

A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Filecatalyst Workflow
NVD GitHub
CVSS 3.1
9.8
EPSS
41.7%
EPSS 1% CVSS 9.8
CRITICAL Act Now

The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Filecatalyst Workflow
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A vulnerability exists in FileCatalyst Workflow whereby a field accessible to the super admin can be used to perform an SQL injection attack which can lead to a loss of confidentiality, integrity,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Filecatalyst Workflow
NVD
EPSS 90% CVSS 9.1
CRITICAL POC THREAT Act Now

A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Filecatalyst Workflow
NVD
EPSS 42% CVSS 9.8
CRITICAL Act Now

A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Filecatalyst Workflow
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy