Deltaflow Project: Security Vulnerabilities
The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain privileged permissions remotely by tampering with users’ data in the Cookie.
CVSS Score
9.8
EPSS Score
0.003
Published
2021-04-06
There is a Path Traversal vulnerability in the file download function of Vangene deltaFlow E-platform. Remote attackers can access credential data with this leakage.
CVSS Score
7.5
EPSS Score
0.005
Published
2021-04-06
The file upload function of Vangene deltaFlow E-platform does not perform access controlled properly. Remote attackers can upload and execute arbitrary files without login.
CVSS Score
9.8
EPSS Score
0.007
Published
2021-04-06